/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.211 - (show annotations) (download)
Sat Mar 22 20:34:58 2008 UTC (6 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.210: +12 -1 lines
Revision bump, thanks to Kerin Miller.
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.210 2008/02/27 16:04:18 solar Exp $
4
5 *hardened-sources-2.6.23-r9 (22 Mar 2008)
6
7 22 Mar 2008; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.23-r9.ebuild:
9 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
10 * Change the default GIDs for some grsecurity options
11 * Revamp the Hardened [Gentoo] security level and make it the default level
12 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
13 * Fix a recursive lock -- call to capable() within ptrace_attach()
14 * Fix bug that allows audit and iscsi operations to be controlled via netlink
15
16 *hardened-sources-2.6.23-r8 (27 Feb 2008)
17
18 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
19 - version bump from Kerin Millar bug 210026
20
21 17 Feb 2008; <solar@gentoo.org> metadata.xml,
22 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
23 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
24 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
25 - stable on x86 and remove old ebuilds
26
27 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
28 - stable on amd64 per request of amd64 lead
29
30 *hardened-sources-2.6.23-r7 (11 Feb 2008)
31
32 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
33 - version bump from kerin.millar
34 Changes:
35
36 * Bump to genpatches-base-2.6.23-9
37 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
38 * Disables COMPAT_VDSO in x86/defconfig
39 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
40
41 25 Jan 2008; Christian Heim <phreak@gentoo.org>
42 -hardened-sources-2.6.22-r8.ebuild:
43 Cleaning up old versions.
44
45 *hardened-sources-2.6.23-r6 (25 Jan 2008)
46
47 25 Jan 2008; Christian Heim <phreak@gentoo.org>
48 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
49 Revision bump, pulling in the latest genpatches.
50
51 *hardened-sources-2.6.23-r5 (24 Dec 2007)
52
53 24 Dec 2007; Christian Heim <phreak@gentoo.org>
54 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
55 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
56 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
57 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
58
59 24 Dec 2007; Christian Heim <phreak@gentoo.org>
60 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
61 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
62 -hardened-sources-2.6.23-r3.ebuild:
63 Cleaning out some unused, old versions.
64
65 24 Dec 2007; Christian Heim <phreak@gentoo.org>
66 hardened-sources-2.6.23-r4.ebuild:
67 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
68 in the tree for long, but there isn't much of a difference between this and
69 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
70
71 *hardened-sources-2.6.23-r4 (23 Dec 2007)
72
73 23 Dec 2007; Christian Heim <phreak@gentoo.org>
74 +hardened-sources-2.6.23-r4.ebuild:
75 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
76
77 *hardened-sources-2.6.23-r3 (04 Dec 2007)
78
79 04 Dec 2007; Christian Heim <phreak@gentoo.org>
80 +hardened-sources-2.6.23-r3.ebuild:
81 Revision bump, pulling in 2.6.23.9.
82
83 *hardened-sources-2.6.23-r2 (25 Nov 2007)
84
85 25 Nov 2007; Christian Heim <phreak@gentoo.org>
86 +hardened-sources-2.6.23-r2.ebuild:
87 Updated patchset, thanks to solar.
88
89 *hardened-sources-2.6.23-r1 (31 Oct 2007)
90
91 31 Oct 2007; Christian Heim <phreak@gentoo.org>
92 +hardened-sources-2.6.23-r1.ebuild:
93 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
94
95 29 Oct 2007; <solar@gentoo.org> metadata.xml:
96 - update metadata.xml
97
98 25 Oct 2007; Christian Heim <phreak@gentoo.org>
99 hardened-sources-2.6.22-r8.ebuild:
100 Marking 2.6.22-r8 stable on amd64 and x86.
101
102 21 Oct 2007; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
104 -hardened-sources-2.6.21-r4.ebuild:
105 Removing old ebuilds.
106
107 *hardened-sources-2.4.35-r2 (21 Oct 2007)
108
109 21 Oct 2007; Christian Heim <phreak@gentoo.org>
110 +hardened-sources-2.4.35-r2.ebuild:
111 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
112 patches.
113
114 *hardened-sources-2.6.22-r8 (21 Oct 2007)
115
116 21 Oct 2007; Christian Heim <phreak@gentoo.org>
117 +hardened-sources-2.6.22-r8.ebuild:
118 Yet another new patch, hopefully fixing the remaining issues we had w/
119 2.6.22. Candidate for stabling.
120
121 *hardened-sources-2.6.23 (13 Oct 2007)
122
123 13 Oct 2007; Christian Heim <phreak@gentoo.org>
124 +hardened-sources-2.6.23.ebuild:
125 Initial hardened-sources-2.6.23. If people still have problems w/ bug
126 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
127
128 11 Oct 2007; Christian Heim <phreak@gentoo.org>
129 hardened-sources-2.6.20-r10.ebuild:
130 Pulling in yet another new genpatches version, fixing the PWC bug for real.
131
132 04 Oct 2007; Christian Heim <phreak@gentoo.org>
133 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
134 Removing old versions.
135
136 *hardened-sources-2.6.22-r7 (01 Oct 2007)
137
138 01 Oct 2007; Christian Heim <phreak@gentoo.org>
139 +hardened-sources-2.6.22-r7.ebuild:
140 Revision bump, pulling in a newer patch. Should fix #194276.
141
142 30 Sep 2007; Christian Heim <phreak@gentoo.org>
143 hardened-sources-2.6.20-r10.ebuild:
144 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
145 Mike Doty).
146
147 *hardened-sources-2.6.22-r6 (26 Sep 2007)
148
149 26 Sep 2007; Christian Heim <phreak@gentoo.org>
150 +hardened-sources-2.6.22-r6.ebuild:
151 Revision bump, grabbing up till Linux 2.6.22.9.
152
153 24 Sep 2007; Christian Heim <phreak@gentoo.org>
154 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
155 Cleaning up further.
156
157 *hardened-sources-2.6.20-r10 (24 Sep 2007)
158
159 24 Sep 2007; Christian Heim <phreak@gentoo.org>
160 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
161 +hardened-sources-2.6.20-r10.ebuild:
162 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
163 revisions.
164
165 *hardened-sources-2.6.22-r5 (22 Sep 2007)
166
167 22 Sep 2007; Christian Heim <phreak@gentoo.org>
168 +hardened-sources-2.6.22-r5.ebuild:
169 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
170
171 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
172 Removing johnm from metadata.xml (see #186467 for reference).
173
174 *hardened-sources-2.6.22-r4 (17 Sep 2007)
175
176 17 Sep 2007; Christian Heim <phreak@gentoo.org>
177 +hardened-sources-2.6.22-r4.ebuild:
178 Revision bump, hopefully fixing all those weird PAX failures.
179
180 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
181 Updating the metadata.xml.
182
183 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
184 Removing tocharian from metadata due to his retirement (see #71718 for
185 reference).
186
187 *hardened-sources-2.6.20-r9 (30 Aug 2007)
188
189 30 Aug 2007; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.20-r9.ebuild:
191 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
192
193 29 Aug 2007; Christian Heim <phreak@gentoo.org>
194 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
195 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
196 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
197 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
198 -hardened-sources-2.6.22-r2.ebuild:
199 Removing some redundant versions.
200
201 *hardened-sources-2.4.35-r1 (29 Aug 2007)
202
203 29 Aug 2007; Christian Heim <phreak@gentoo.org>
204 +hardened-sources-2.4.35-r1.ebuild:
205 Revision bump, new grsecurity patch.
206
207 *hardened-sources-2.6.20-r8 (26 Aug 2007)
208
209 26 Aug 2007; Christian Heim <phreak@gentoo.org>
210 +hardened-sources-2.6.20-r8.ebuild:
211 Revision bump for Linux 2.6.20.17.
212
213 *hardened-sources-2.6.22-r3 (22 Aug 2007)
214
215 22 Aug 2007; Christian Heim <phreak@gentoo.org>
216 +hardened-sources-2.6.22-r3.ebuild:
217 Revision bump for Linux 2.6.22.4.
218
219 16 Aug 2007; Christian Heim <phreak@gentoo.org>
220 hardened-sources-2.6.22-r2.ebuild:
221 Updated patchset, to fix the alignment against 2.6.22.3.
222
223 *hardened-sources-2.6.22-r2 (16 Aug 2007)
224
225 16 Aug 2007; Christian Heim <phreak@gentoo.org>
226 +hardened-sources-2.6.22-r2.ebuild:
227 Revision bump for Linux 2.6.22.3.
228
229 *hardened-sources-2.4.35 (16 Aug 2007)
230
231 16 Aug 2007; Christian Heim <phreak@gentoo.org>
232 +hardened-sources-2.4.35.ebuild:
233 Version bump, initial version for Linux 2.4.35.
234
235 *hardened-sources-2.6.21-r4 (16 Aug 2007)
236
237 16 Aug 2007; Christian Heim <phreak@gentoo.org>
238 +hardened-sources-2.6.21-r4.ebuild:
239 Revision bump for Linux 2.6.21.6.
240
241 *hardened-sources-2.6.20-r7 (16 Aug 2007)
242
243 16 Aug 2007; Christian Heim <phreak@gentoo.org>
244 +hardened-sources-2.6.20-r7.ebuild:
245 Revision bump for Linux 2.6.20.16.
246
247 *hardened-sources-2.6.22-r1 (13 Aug 2007)
248
249 13 Aug 2007; Christian Heim <phreak@gentoo.org>
250 +hardened-sources-2.6.22-r1.ebuild:
251 Yet another revision bump.
252
253 *hardened-sources-2.6.22 (10 Aug 2007)
254
255 10 Aug 2007; Christian Heim <phreak@gentoo.org>
256 +hardened-sources-2.6.22.ebuild:
257 Initial release for 2.6.22. If you are using hardened-sources on a desktop
258 machine (P4 or newer), be aware you might need to disable
259 CONFIG_PAX_PAGEEXEC.
260
261 04 Aug 2007; Christian Heim <phreak@gentoo.org>
262 hardened-sources-2.6.20-r6.ebuild:
263 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
264 2.6.20.15.
265
266 10 Jul 2007; Christian Heim <phreak@gentoo.org>
267 hardened-sources-2.6.20-r5.ebuild:
268 Marking hardened-sources-2.6.20-r5 stable on ppc.
269
270 10 Jul 2007; Christian Heim <phreak@gentoo.org>
271 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
272 Cleanup.
273
274 *hardened-sources-2.6.20-r6 (08 Jul 2007)
275
276 08 Jul 2007; Christian Heim <phreak@gentoo.org>
277 +hardened-sources-2.6.20-r6.ebuild:
278 Revision bump, grabbing yet another stable release.
279
280 17 Jun 2007; Christian Heim <phreak@gentoo.org>
281 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
282 -hardened-sources-2.6.21-r2.ebuild:
283 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
284 alpha stable KEYWORD by mistake.
285
286 17 Jun 2007; Christian Heim <phreak@gentoo.org>
287 hardened-sources-2.6.20-r5.ebuild:
288 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
289 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
290
291 *hardened-sources-2.6.21-r3 (12 Jun 2007)
292
293 12 Jun 2007; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.6.21-r3.ebuild:
295 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
296 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
297 love.
298
299 *hardened-sources-2.6.20-r5 (11 Jun 2007)
300
301 11 Jun 2007; Christian Heim <phreak@gentoo.org>
302 +hardened-sources-2.6.20-r5.ebuild:
303 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
304 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
305 love.
306
307 *hardened-sources-2.4.34.5 (11 Jun 2007)
308
309 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
310 +hardened-sources-2.4.34.5.ebuild:
311 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
312
313 30 May 2007; Christian Heim <phreak@gentoo.org>
314 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
315 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
316 stale ebuild(s).
317
318 30 May 2007; Christian Heim <phreak@gentoo.org>
319 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
320 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
321 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
322 Doing some cleanups, remove stale ebuilds.
323
324 26 May 2007; Christian Heim <phreak@gentoo.org>
325 hardened-sources-2.6.21-r2.ebuild:
326 Fixing the grsecurity patch, had one '};' too much.
327
328 *hardened-sources-2.6.21-r2 (26 May 2007)
329
330 26 May 2007; Christian Heim <phreak@gentoo.org>
331 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
332 +hardened-sources-2.6.21-r2.ebuild:
333 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
334 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
335
336 *hardened-sources-2.6.20-r4 (26 May 2007)
337
338 26 May 2007; Christian Heim <phreak@gentoo.org>
339 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
340 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
341 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
342
343 15 May 2007; Christian Heim <phreak@gentoo.org>
344 hardened-sources-2.6.20-r3.ebuild:
345 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
346 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
347 grsecurity patch fail in that exact same hunk.
348
349 *hardened-sources-2.6.20-r3 (15 May 2007)
350
351 15 May 2007; Christian Heim <phreak@gentoo.org>
352 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
353 Revision bump, incorporating Linux 2.6.20.11.
354
355 *hardened-sources-2.6.21-r1 (11 May 2007)
356
357 11 May 2007; Christian Heim <phreak@gentoo.org>
358 +hardened-sources-2.6.21-r1.ebuild:
359 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
360 mentioned in #177234.
361
362 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
363 files/digest-hardened-sources-2.6.21, Manifest:
364 Fix Manifest/digest for linux-2.6.21.tar.bz2
365
366 06 May 2007; Christian Heim <phreak@gentoo.org>
367 hardened-sources-2.6.21.ebuild:
368 Bumping the hardened-patches version, needed for the fix for #177234.
369
370 *hardened-sources-2.6.21 (02 May 2007)
371
372 02 May 2007; Christian Heim <phreak@gentoo.org>
373 +hardened-sources-2.6.21.ebuild:
374 Version bump, Linux 2.6.21-hardened.
375
376 29 Apr 2007; Christian Heim <phreak@gentoo.org>
377 hardened-sources-2.6.20-r2.ebuild:
378 Adding ~ia64 on Ned's request.
379
380 29 Apr 2007; Christian Heim <phreak@gentoo.org>
381 hardened-sources-2.6.20-r2.ebuild:
382 Fixing the included grsecurity patch, wasn't alligning due to the Index:
383 header line(s).
384
385 29 Apr 2007; Christian Heim <phreak@gentoo.org>
386 hardened-sources-2.6.20-r2.ebuild:
387 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
388
389 *hardened-sources-2.6.20-r2 (10 Apr 2007)
390
391 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
392 +hardened-sources-2.6.20-r2.ebuild:
393 Version bump, on behalf of phreak
394
395 *hardened-sources-2.6.20-r1 (04 Apr 2007)
396
397 04 Apr 2007; Christian Heim <phreak@gentoo.org>
398 +hardened-sources-2.6.20-r1.ebuild:
399 Revision bump, grabbing a newer grsecurity snapshot.
400
401 *hardened-sources-2.6.20 (25 Mar 2007)
402
403 25 Mar 2007; Christian Heim <phreak@gentoo.org>
404 +hardened-sources-2.6.20.ebuild:
405 Finally a hardened-sources version for 2.6.20; many people have been waiting
406 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
407 testbox.
408
409 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
410 hardened-sources-2.6.18-r6.ebuild:
411 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
412
413 *hardened-sources-2.6.18-r6 (16 Mar 2007)
414
415 16 Mar 2007; Christian Heim <phreak@gentoo.org>
416 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
417 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
418 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
419 supposed to be.
420
421 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
422 Fixing the Manifest, the previous one was broken (as in still had the
423 deleted ebuild in it).
424
425 06 Mar 2007; Christian Heim <phreak@gentoo.org>
426 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
427 +hardened-sources-2.6.18-r5.ebuild:
428 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
429 Linux 2.6.18.8. Also cleaning up the older version.
430
431 *hardened-sources-2.6.18-r5 (06 Mar 2007)
432
433 06 Mar 2007; Christian Heim <phreak@gentoo.org>
434 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
435 +hardened-sources-2.6.18-r5.ebuild:
436 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
437 Linux 2.6.18.8. Also cleaning up the older version.
438
439 24 Feb 2007; Christian Heim <phreak@gentoo.org>
440 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
441 -hardened-sources-2.6.19-r5.ebuild:
442 Removing some of the old version, that didn't work.
443
444 *hardened-sources-2.6.19-r6 (12 Feb 2007)
445
446 12 Feb 2007; Christian Heim <phreak@gentoo.org>
447 +hardened-sources-2.6.19-r6.ebuild:
448 Revision bump, including a new grsec version fixing #166235.
449
450 *hardened-sources-2.4.34 (24 Jan 2007)
451
452 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
453 Manifest:
454 updating Manifest with checksums of new tarball and ebuild
455
456 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
457 +hardened-sources-2.4.34.ebuild:
458 I added new hardened sources 2.4 update, this is a critical path
459 security bugfix - all users of h-s are strongly advised
460 to update their existing hardened sources to this version.
461 It contains a fix for a kernel vulnerability that is pertaining
462 to the PaX changes to virtual memory management, possibly leading
463 to a local kernel exploit ... see grsecurity.net forums and homepage
464
465 23 Jan 2007; Christian Heim <phreak@gentoo.org>
466 files/digest-hardened-sources-2.6.19-r5, Manifest:
467 Fixing the patch-tarball digest.
468
469 *hardened-sources-2.6.19-r5 (23 Jan 2007)
470
471 23 Jan 2007; Christian Heim <phreak@gentoo.org>
472 +hardened-sources-2.6.19-r5.ebuild:
473 Revision bump, closing the recently discovered PaX expand_stack()
474 vulnerability.
475
476 *hardened-sources-2.6.19-r4 (14 Jan 2007)
477
478 14 Jan 2007; Christian Heim <phreak@gentoo.org>
479 +hardened-sources-2.6.19-r4.ebuild:
480 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
481 dropping the randomized PID feature.
482
483 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
484 hardened-sources-2.4.33.4.ebuild:
485 stable x86, bug #161171
486
487 *hardened-sources-2.6.19-r3 (27 Dec 2006)
488
489 27 Dec 2006; Christian Heim <phreak@gentoo.org>
490 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
491 Revision bump for bug #157186 and #158786.
492
493 *hardened-sources-2.6.18-r4 (27 Dec 2006)
494
495 27 Dec 2006; Christian Heim <phreak@gentoo.org>
496 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
497 Revision bump for bug #157186.
498
499 *hardened-sources-2.6.19-r2 (23 Dec 2006)
500
501 23 Dec 2006; Christian Heim <phreak@gentoo.org>
502 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
503 Revision bump to pull in genpatches-2.6.19-3 for #157186.
504
505 17 Dec 2006; Christian Heim <phreak@gentoo.org>
506 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
507 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
508 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
509 hardened-sources-2.6.19-r1.ebuild:
510 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
511 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
512
513 *hardened-sources-2.4.33.4 (17 Dec 2006)
514
515 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
516 +hardened-sources-2.4.33.4.ebuild:
517 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
518 and quilting
519
520 *hardened-sources-2.6.19-r1 (14 Dec 2006)
521
522 14 Dec 2006; Christian Heim <phreak@gentoo.org>
523 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
524 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
525 for reporting).
526
527 *hardened-sources-2.6.19 (13 Dec 2006)
528
529 13 Dec 2006; Christian Heim <phreak@gentoo.org>
530 +hardened-sources-2.6.19.ebuild:
531 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
532 Brad for providing that prompt update.
533
534 *hardened-sources-2.6.18-r3 (13 Dec 2006)
535
536 13 Dec 2006; Christian Heim <phreak@gentoo.org>
537 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
538 +hardened-sources-2.6.18-r3.ebuild:
539 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
540 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
541
542 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
543 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
544
545 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
546 Stable on ppc wrt bug 157356
547
548 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
549 hardened-sources-2.6.18.ebuild:
550 stable x86, bug #157356
551
552 *hardened-sources-2.6.18-r2 (06 Dec 2006)
553
554 06 Dec 2006; Christian Heim <phreak@gentoo.org>
555 +hardened-sources-2.6.18-r2.ebuild:
556 Revision bump, including 2.6.18.5 (via genpatches) and
557 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
558 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
559 redesign.
560
561 06 Dec 2006; Christian Heim <phreak@gentoo.org>
562 hardened-sources-2.6.18.ebuild:
563 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
564 of Mike Doty).
565
566 *hardened-sources-2.6.18-r1 (23 Nov 2006)
567
568 23 Nov 2006; Christian Heim <phreak@gentoo.org>
569 +hardened-sources-2.6.18-r1.ebuild:
570 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
571
572 *hardened-sources-2.6.18 (11 Nov 2006)
573
574 11 Nov 2006; Christian Heim <phreak@gentoo.org>
575 +hardened-sources-2.6.18.ebuild:
576 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
577
578 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
579 - mark amd64 stable also. bug #151877
580
581 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
582 - mark 2.6.17-r1 stable
583
584 27 Aug 2006; Christian Heim <phreak@gentoo.org>
585 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
586 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
587
588 *hardened-sources-2.6.17-r1 (26 Aug 2006)
589
590 26 Aug 2006; Christian Heim <phreak@gentoo.org>
591 +hardened-sources-2.6.17-r1.ebuild:
592 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
593 grsecurity patch.
594
595 *hardened-sources-2.6.17 (17 Aug 2006)
596
597 17 Aug 2006; Christian Heim <phreak@gentoo.org>
598 +hardened-sources-2.6.17.ebuild:
599 Bumping the hardened-sources-2.6 series to 2.6.17, using
600 genpatches-2.6.17-6.base.
601
602 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
603 - stable on x86 and amd64
604
605 *hardened-sources-2.6.16-r11 (15 Jul 2006)
606
607 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
608 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
609 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
610 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
611 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
612 crusty ebuilds
613
614 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
615 hardened-sources-2.6.16-r10.ebuild:
616 marking stable on x86 and amd64
617
618 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
619 - 2.4.32-r6 stable on x86. RSBAC state unknown
620
621 *hardened-sources-2.4.32-r7 (10 Jul 2006)
622
623 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
624 +hardened-sources-2.4.32-r7.ebuild:
625 Bump PaX for RSBAC to test-17
626
627 *hardened-sources-2.6.16-r9 (03 Jul 2006)
628
629 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
630 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
631 hardened-sources-2.6.16 bump to latest -base.
632
633 *hardened-sources-2.4.32-r6 (30 Jun 2006)
634
635 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
636 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
637 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
638 sysctl controlable resource logging
639
640 *hardened-sources-2.6.16-r7 (05 Jun 2006)
641
642 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
643 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
644 push new 2.6.16 release in preparation for stable
645
646 22 May 2006; <solar@gentoo.org> :
647 - redigest bug 134002
648
649 *hardened-sources-2.4.32-r5 (16 May 2006)
650
651 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
652 +hardened-sources-2.4.32-r5.ebuild:
653 Fixes rsbac common patching (new patch in new -r5 patchset)
654
655 *hardened-sources-2.4.32-r4 (13 May 2006)
656
657 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
658 +hardened-sources-2.4.32-r4.ebuild:
659 - security bumps
660
661 *hardened-sources-2.6.16-r6 (03 May 2006)
662
663 03 May 2006; John Mylchreest <johnm@gentoo.org>
664 +hardened-sources-2.6.16-r6.ebuild:
665 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
666
667 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
668 hardened-sources-2.6.14-r8.ebuild:
669 fix x86_64 build problem, this will delay the digest issue again for a short
670 while but it will sort itself out
671
672 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
673 hardened-sources-2.6.14-r8.ebuild:
674 bump hardened patchset
675
676 27 Apr 2006; Alec Warner <antarus@gentoo.org>
677 files/digest-hardened-sources-2.4.32-r2,
678 files/digest-hardened-sources-2.4.32-r3,
679 files/digest-hardened-sources-2.6.14-r8, Manifest:
680 Fixing duff SHA256 digests: Bug # 131293
681
682 *hardened-sources-2.6.16-r5 (27 Apr 2006)
683
684 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
685 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
686 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
687 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
688 cleanup of old uneccessary sources
689
690 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
691 fix digest
692
693 *hardened-sources-2.6.14-r8 (20 Apr 2006)
694
695 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
696 +hardened-sources-2.6.14-r8.ebuild:
697 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
698
699 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
700 Turning on gpg-signing again, and recomitting
701
702 *hardened-sources-2.6.16-r4 (20 Apr 2006)
703
704 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
705 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
706 +hardened-sources-2.6.16-r4.ebuild:
707 Fix numerous security vulns
708
709 *hardened-sources-2.4.32-r3 (16 Apr 2006)
710
711 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
712 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
713 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
714 - security bump for bug #112791. Removed old ebuilds
715
716 *hardened-sources-2.6.16-r3 (15 Apr 2006)
717
718 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
719 +hardened-sources-2.6.16-r3.ebuild:
720 Removing silly localversion which I missed
721
722 *hardened-sources-2.6.14-r7 (14 Apr 2006)
723
724 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
725 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
726 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
727
728 *hardened-sources-2.6.16-r2 (13 Apr 2006)
729
730 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
731 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
732 +hardened-sources-2.6.16-r2.ebuild:
733 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
734 labels, dropping USERGROUP define fixes, since these were merged mainstream.
735
736 *hardened-sources-2.6.16-r1 (11 Apr 2006)
737
738 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
739 +hardened-sources-2.6.16-r1.ebuild:
740 Bumping to include ppc build fix and 2.6.16.3
741
742 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
743 hardened-sources-2.6.14-r6.ebuild:
744 Stable on x86; bug #127718
745
746 *hardened-sources-2.6.16 (31 Mar 2006)
747
748 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
749 +hardened-sources-2.6.16.ebuild:
750 Bumping to new version of grsec, and kernel base. New squashfs. Based on
751 2.6.16.1
752
753 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
754 hardened-sources-2.6.14-r6.ebuild:
755 Stable on amd64, bug 127718.
756
757 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
758 Stable on ppc. Bug #127718
759
760 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
761 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
762 -hardened-sources-2.6.14-r4.ebuild:
763 Cleanup.
764
765 *hardened-sources-2.6.14-r6 (15 Mar 2006)
766
767 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
768 +hardened-sources-2.6.14-r6.ebuild:
769 Fixes grsec policy recreation bug and adds a
770 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
771
772 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
773 - stable on x86
774
775 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
776 hardened-sources-2.6.14-r5.ebuild:
777 Stable on ppc.
778
779 *hardened-sources-2.6.14-r5 (01 Feb 2006)
780
781 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
782 +hardened-sources-2.6.14-r5.ebuild:
783 fixing every known exploit
784
785 *hardened-sources-2.4.32-r2 (26 Jan 2006)
786
787 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
788 +hardened-sources-2.4.32-r2.ebuild:
789 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
790
791 *hardened-sources-2.6.14-r4 (12 Jan 2006)
792
793 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
794 - version bump for new genpatches which fix up a few sec holes
795
796 *hardened-sources-2.4.32-r1 (05 Jan 2006)
797
798 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
799 - revision bump to add misc vital linux kernel security patches.
800
801 *hardened-sources-2.6.14-r3 (30 Dec 2005)
802
803 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
804 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
805 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
806
807 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
808 hardened-sources-2.6.14-r2.ebuild:
809 making x86 & amd64 stable following testing.
810
811 *hardened-sources-2.6.14-r2 (27 Dec 2005)
812
813 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
814 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
815 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
816 network hooks.
817
818 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
819 hardened-sources-2.6.14-r1.ebuild:
820 bumping to stable early for sec fix on x86 & amd64
821
822 *hardened-sources-2.6.14-r1 (05 Dec 2005)
823
824 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
825 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
826 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
827
828 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
829 - stable on x86 security bug #114227 CAN-2005-3257
830
831 *hardened-sources-2.4.32 (19 Nov 2005)
832
833 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
834 +hardened-sources-2.4.32.ebuild:
835 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
836 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
837 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
838 rsbac >> /etc/portage/package.use)
839
840 *hardened-sources-2.6.14 (14 Nov 2005)
841
842 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
843 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
844 Bumping 2.6 series to 2.6.14.2
845
846 *hardened-sources-2.6.13-r2 (20 Oct 2005)
847
848 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
849 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
850 +hardened-sources-2.6.13-r2.ebuild:
851 Fixes minor build error in ppc.
852
853 *hardened-sources-2.6.13-r1 (17 Oct 2005)
854
855 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
856 +hardened-sources-2.6.13-r1.ebuild:
857 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
858 2.6.13.4, fixes some major amd64 stability problems.
859
860 *hardened-sources-2.6.13 (16 Sep 2005)
861
862 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
863 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
864 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
865 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
866 users should test this thoroughly.
867
868 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
869 - stable on x86
870
871 *hardened-sources-2.6.11-r15 (27 Jun 2005)
872
873 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
874 +hardened-sources-2.6.11-r15.ebuild:
875 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
876 grsec redefining curr_ip struct.
877
878 *hardened-sources-2.4.31 (20 Jun 2005)
879
880 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
881 initial import of 2.4.31 tree
882
883 *hardened-sources-2.6.11-r14 (14 Jun 2005)
884
885 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
886 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
887 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
888 naming scheme to abide by genpatches
889
890 *hardened-sources-2.6.11-r13 (18 May 2005)
891
892 18 May 2005; John Mylchreest <johnm@gentoo.org>
893 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
894 Managed to mangle the Makefile patch from grsec, to miss out the grsec
895 target. sorry about that. Fixes bug #93022
896
897 *hardened-sources-2.6.11-r12 (17 May 2005)
898
899 17 May 2005; John Mylchreest <johnm@gentoo.org>
900 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
901 +hardened-sources-2.6.11-r12.ebuild:
902 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
903 merges in genpatches-base
904
905 *hardened-sources-2.6.11-r12 (17 May 2005)
906
907 17 May 2005; John Mylchreest <johnm@gentoo.org>
908 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
909 +hardened-sources-2.6.11-r12.ebuild:
910 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
911 merges in genpatches-base
912
913 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
914 -files/2.4.27-cmdline-race.patch,
915 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
916 -files/2.4.28-grsec-binfmt_a.out.patch,
917 -files/2.4.28-grsec-cmdline-race.patch,
918 -files/2.4.28-selinux-binfmt_a.out.patch,
919 -files/2.4.28-selinux-cmdline-race.patch,
920 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
921 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
922 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
923 cleanup..
924
925 *hardened-sources-2.4.30-r1 (21 Apr 2005)
926
927 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
928 - disable aout by default
929
930 *hardened-sources-2.4.30 (18 Apr 2005)
931
932 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
933 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
934 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
935 use
936
937 *hardened-sources-2.4.29 (30 Mar 2005)
938
939 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
940 +hardened-sources-2.4.29.ebuild:
941 New hardened-patches-2.4-29.0 patchball.
942 Removed SELinux support, upgraded GRSecurity to 2.1.4.
943
944 *hardened-sources-2.4.28-r5 (06 Mar 2005)
945
946 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
947 +hardened-sources-2.4.28-r5.ebuild:
948 Added a fix for a PaX vulnerability.
949
950 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
951 hardened-sources-2.4.28-r4.ebuild:
952 Stable on x86
953
954 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
955 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
956 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
957 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
958 - fixed/added RDEPEND= in all kernel-2 ebuilds
959
960 *hardened-sources-2.4.28-r4 (21 Jan 2005)
961
962 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
963 +hardened-sources-2.4.28-r4.ebuild:
964 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
965 backport of neighbour hash updates.
966
967 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
968 hardened-sources-2.4.28-r3.ebuild:
969 Stable on x86
970
971 *hardened-sources-2.6.10-r3 (20 Jan 2005)
972
973 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
974 +hardened-sources-2.6.10-r3.ebuild:
975 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
976 in 2005.0
977
978 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
979 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
980 hardened-sources-2.4.28-r2.ebuild:
981 Mark stable on x86
982
983 *hardened-sources-2.4.28-r3 (17 Jan 2005)
984
985 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
986 +hardened-sources-2.4.28-r3.ebuild:
987 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
988
989 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
990 hardened-sources-2.4.28.ebuild:
991 Mark stable on x86.
992
993 *hardened-sources-2.4.28-r2 (13 Jan 2005)
994
995 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
996 +hardened-sources-2.4.28-r2.ebuild:
997 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
998 Mazinger for grsecurity patches as well.
999
1000 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1001
1002 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1003 Security bump. Thank tocharian for rolling a new patchset...
1004
1005 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1006 +files/2.4.28-grsec-cmdline-race.patch,
1007 +files/2.4.28-selinux-binfmt_a.out.patch,
1008 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1009 - Round up remaining security patches that appear to be missing in 2.4.28. -
1010 PaX standalone updated to current. hgpv=28.1
1011
1012 *hardened-sources-2.4.28 (28 Nov 2004)
1013
1014 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1015 security bump. Thank tocharian for rolling a new patchset
1016
1017 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1018
1019 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1020 +hardened-sources-2.4.27-r3.ebuild:
1021 Applies the new 2.4-27.2 patchball which updates
1022 GRSecurity to the 2.0.1 version.
1023
1024 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1025
1026 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1027 +hardened-sources-2.4.27-r2.ebuild:
1028 Version bump.
1029 This version uses the new 2.4-27.1 patchball which updates
1030 both the SELinux PaX hooks patch and the SELinux headers.
1031
1032 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1033
1034 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1035 +hardened-sources-2.4.27-r1.ebuild,
1036 -hardened-sources-2.4.27.ebuild,
1037 +files/2.4.27-cmdline-race.patch:
1038 Version bump, fix for cmdline race. See bug #59905.
1039
1040 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1041
1042 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1043 +hardened-sources-2.4.26-r6.ebuild,
1044 -hardened-sources-2.4.26-r5.ebuild,
1045 -hardened-sources-2.4.26-r4.ebuild,
1046 +files/2.4.26-cmdline-race.patch:
1047 Version bump, fix for cmdline race. See bug #59905.
1048
1049 *hardened-sources-2.4.27 (08 Aug 2004)
1050
1051 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1052 +hardened-sources-2.4.27.ebuild,
1053 +files/2.4.27-CAN-2004-0394.patch:
1054 Ported the patchball to the 2.4.27 kernel version.
1055
1056 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1057
1058 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1059 +hardened-sources-2.4.26-r5.ebuild:
1060 Updated to use the new hardened-patches-2.4-26.1 patchball.
1061 It adds the following features:
1062 - Squashfs
1063 - Ebtables
1064 - Netdev random (core+drivers)
1065 - Watchdog Timer (WDT) fix.
1066
1067 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1068
1069 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1070 +hardened-sources-2.4.26-r4.ebuild,
1071 +files/2.4.26-CAN-2004-0415.patch,
1072 -hardened-sources-2.4.26-3:
1073 Version bump, fix for CAN 0415, see bug #59378.
1074
1075 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1076
1077 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1078 +hardened-sources-2.4.26-r3.ebuild,
1079 +files/2.4.26-CAN-2004-0497.patch,
1080 -hardened-sources-2.4.26-r2.ebuild:
1081 Version bump, fixed CAN 0497, see bug #56171.
1082
1083 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1084
1085 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1086 +hardened-sources-2.4.26-r2.ebuild,
1087 +files/2.4.26-CAN-2004-0495.patch,
1088 +files/2.4.26-CAN-2004-0535.patch,
1089 -hardened-sources-2.4.26-r1.ebuild:
1090 Fixes for both CAN 0495 and 0535, see bug #54976
1091
1092 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1093 hardened-sources-2.4.26-r1.ebuild:
1094 QA - fix use invocation
1095
1096 *hardened-sources-2.4.26-r1 (22 June 2004)
1097
1098 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1099 +hardened-sources-2.4.26-r1.ebuild,
1100 +files/2.4.26-CAN-2004-0394.patch,
1101 +files/2.4.26-signal-race.patch,
1102 -hardened-sources-2.4.26.ebuild,
1103 -hardened-sources-2.4.24-r3.ebuild:
1104 Version bump for the CAN-2004-0394 issue and bug #53804
1105 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1106
1107
1108 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1109 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1110 Masked hardened-sources-2.4.26.ebuild broken for ppc
1111
1112 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1113 hardened-sources-2.4.24-r3.ebuild:
1114 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1115
1116 *hardened-sources-2.4.26 (29 May 2004)
1117
1118 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1119 +hardened-sources-2.4.26.ebuild:
1120 Updated hardened-sources for the 2.4.26 kernel
1121 Removed broken components, updated almost everything.
1122
1123 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1124
1125 17 Apr 2004; <plasmaroo@gentoo.org>
1126 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1127 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1128 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1129 +hardened-sources-2.4.24-r3.ebuild:
1130 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1131 vulnerabilities. Old revisions removed.
1132
1133 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1134
1135 15 Apr 2004; <plasmaroo@gentoo.org>
1136 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1137 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1138 Version bump for the CAN-2004-0109 issue; bug #47881.
1139
1140 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1141 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1142 Add eutils to inherit.
1143
1144 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1145
1146 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1147 files/hardened-sources-2.4.24.munmap.patch:
1148 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1149
1150 *hardened-sources-2.4.24 (06 Feb 2004)
1151
1152 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1153 hardened-sources-2.4.24.ebuild:
1154 Version bump, updated most of the components.
1155 This release includes the following:
1156
1157 - Hardened security
1158 - Netfilter patch-o-matic 20031219
1159 - FreeSWAN 2.04 & x509 1.4.8
1160 - EVMS 2.2.2
1161 - XFS 1.3.1
1162 - cryptoloop jari
1163 - grsecurity 2.0-rc4
1164 - SELinux
1165 - PaX 200402060000
1166 - PaX Obscurity 200308302223
1167 - Others...
1168
1169 Neither -ck nor systrace are included anymore.
1170
1171 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1172
1173 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1174 hardened-sources-2.4.22-r2.ebuild:
1175 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1176
1177 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1178
1179 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1180 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1181
1182 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1183 hardened-sources-2.4.22-r1.ebuild:
1184 Version bump for the 'do_brk' vulnerability.
1185
1186 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1187 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1188 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1189 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1190 Fix the 'do_brk' vulnerability.
1191
1192 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1193 hardened-sources-2.4.22.ebuild:
1194 - Removed the src_install() portion for SELinux flask
1195 components. These are no longer handled in the kernel
1196 so this code was not necessary.
1197
1198 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1199 New 2.4.22 based hardened-sources thanks to
1200 Phil West <p.west@computer.org>.
1201
1202 These sources include:
1203 - New SELinux API
1204 - Updated CK-base
1205 - Updated GRSec
1206 - Systrace
1207 - SuperFreeS/WAN 1.99.8
1208 - Propolice kernel build support
1209 - EVMS
1210 - Other various security related patches
1211
1212 *hardened-sources-2.4.21 (14 Sep 2003)
1213
1214 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1215 Updated hardened-sources based on the 2.4.21 Linux kernel.
1216 This includes updates to most major components such as:
1217 - ck-base-0306300059
1218 - selinux-2.4-2003071106
1219 - grsecurity-2.0-rc1
1220 - Updated IPTables patch-o-matic
1221 - Updated SuperFreeS/WAN
1222
1223 Thanks to Phil West <pwest@computer.org> for his work in getting this
1224 updated patch set ready for the 2.4.21 based kernel.
1225
1226 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1227 Initial import of hardened-sources-2.4.20-r4. This revision
1228 includes only a few changes, but one of these is an important
1229 security fix. It is recommended all users of hardened-sources
1230 upgrade to this release.
1231
1232 - ioperm bug fix
1233 - fixed compilation failure when building without GRSec
1234
1235 SAL (Secure Auditing for Linux) is NOT included in this revision
1236 due to time constraints, but is planned for inclusion in the near
1237 future.
1238
1239 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1240
1241 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1242 hardened-sources-2.4.20-r3.ebuild:
1243 Add Header...
1244
1245 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1246 hardened-sources-2.4.20-r3.ebuild:
1247 Removed warnings from ebuild. This kernel should be safe to
1248 use at this point.
1249
1250 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1251
1252 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1253 hardened-sources-2.4.20-r3.ebuild:
1254 New revision. Includes the following changes over -r2:
1255
1256 - ck7-base (O(1), preempt, low latency)
1257 - Super FreeS/WAN 1.99.7rc2
1258 - PaX for the LSM/SELinux branch
1259 - GRSecurity 2.0-pre4 (role based access control)
1260 - Systrace 1.3
1261 - EXT3 fixes
1262 - EVMS 2.0.1
1263 - GCC 3.1+ compile optimizations
1264 - ProPolice kernel build support
1265 - Hashing table security fixes
1266
1267 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1268
1269 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1270 Initial import of hardened-sources-r2. This new
1271 ebuild includes many new performance and security
1272 related patches. As in -r1, it will patch in
1273 LSM/SELinux if "selinux" is in USE, otherwise it
1274 will patch in GRSecurity. The following patches
1275 are included in this revision:
1276
1277 - O(1) Scheduler, Low Latency, and Preempt
1278 (pulled from the base CK patch)
1279 - ptrace exploit patch for the LSM kernel
1280 (the GRSec patch already fixes this)
1281 - LSM 2.4-2003040709
1282 - SELinux 2.4-2003040709
1283 - Systrace v1.2
1284 - IPTables patch-o-matic base patches - 20030107
1285 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1286 - Super FreeS/WAN 1.99.6.1
1287 - GRSecurity 1.9.9g
1288 - MPPE
1289 - EXT3 data journal fix
1290 - CIPE 1.5.4
1291
1292 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1293 hardened-sources-2.4.20-r1.ebuild, manifest:
1294 Updated to install flask components correctly for selinux.
1295
1296 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1297 hardened-sources-2.4.20-r1.ebuild:
1298 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1299 is patched in instead. Ptrace patches for selinux have also been added. In
1300 either case, systrace support will be patched in as well.
1301
1302 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1303 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1304 Revision bump for new sources.
1305
1306 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1307 hardened-sources-2.4.20-r1.ebuild:
1308 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1309
1310 *hardened-sources-2.4.20 (30 Mar 2003)
1311
1312 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1313 hardened-sources-2.4.20.ebuild:
1314 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20