/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.212 - (show annotations) (download)
Mon Mar 24 15:05:49 2008 UTC (6 years, 6 months ago) by phreak
Branch: MAIN
Changes since 1.211: +5 -1 lines
Fixing SRC_URI for 2.4.35-r2.
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.211 2008/03/22 20:34:58 phreak Exp $
4
5 24 Mar 2008; Christian Heim <phreak@gentoo.org>
6 hardened-sources-2.4.35-r2.ebuild:
7 Fixing SRC_URI for 2.4.35-r2.
8
9 *hardened-sources-2.6.23-r9 (22 Mar 2008)
10
11 22 Mar 2008; Christian Heim <phreak@gentoo.org>
12 +hardened-sources-2.6.23-r9.ebuild:
13 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
14 * Change the default GIDs for some grsecurity options
15 * Revamp the Hardened [Gentoo] security level and make it the default level
16 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
17 * Fix a recursive lock -- call to capable() within ptrace_attach()
18 * Fix bug that allows audit and iscsi operations to be controlled via netlink
19
20 *hardened-sources-2.6.23-r8 (27 Feb 2008)
21
22 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
23 - version bump from Kerin Millar bug 210026
24
25 17 Feb 2008; <solar@gentoo.org> metadata.xml,
26 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
27 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
28 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
29 - stable on x86 and remove old ebuilds
30
31 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
32 - stable on amd64 per request of amd64 lead
33
34 *hardened-sources-2.6.23-r7 (11 Feb 2008)
35
36 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
37 - version bump from kerin.millar
38 Changes:
39
40 * Bump to genpatches-base-2.6.23-9
41 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
42 * Disables COMPAT_VDSO in x86/defconfig
43 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
44
45 25 Jan 2008; Christian Heim <phreak@gentoo.org>
46 -hardened-sources-2.6.22-r8.ebuild:
47 Cleaning up old versions.
48
49 *hardened-sources-2.6.23-r6 (25 Jan 2008)
50
51 25 Jan 2008; Christian Heim <phreak@gentoo.org>
52 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
53 Revision bump, pulling in the latest genpatches.
54
55 *hardened-sources-2.6.23-r5 (24 Dec 2007)
56
57 24 Dec 2007; Christian Heim <phreak@gentoo.org>
58 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
59 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
60 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
61 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
62
63 24 Dec 2007; Christian Heim <phreak@gentoo.org>
64 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
65 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
66 -hardened-sources-2.6.23-r3.ebuild:
67 Cleaning out some unused, old versions.
68
69 24 Dec 2007; Christian Heim <phreak@gentoo.org>
70 hardened-sources-2.6.23-r4.ebuild:
71 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
72 in the tree for long, but there isn't much of a difference between this and
73 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
74
75 *hardened-sources-2.6.23-r4 (23 Dec 2007)
76
77 23 Dec 2007; Christian Heim <phreak@gentoo.org>
78 +hardened-sources-2.6.23-r4.ebuild:
79 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
80
81 *hardened-sources-2.6.23-r3 (04 Dec 2007)
82
83 04 Dec 2007; Christian Heim <phreak@gentoo.org>
84 +hardened-sources-2.6.23-r3.ebuild:
85 Revision bump, pulling in 2.6.23.9.
86
87 *hardened-sources-2.6.23-r2 (25 Nov 2007)
88
89 25 Nov 2007; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.23-r2.ebuild:
91 Updated patchset, thanks to solar.
92
93 *hardened-sources-2.6.23-r1 (31 Oct 2007)
94
95 31 Oct 2007; Christian Heim <phreak@gentoo.org>
96 +hardened-sources-2.6.23-r1.ebuild:
97 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
98
99 29 Oct 2007; <solar@gentoo.org> metadata.xml:
100 - update metadata.xml
101
102 25 Oct 2007; Christian Heim <phreak@gentoo.org>
103 hardened-sources-2.6.22-r8.ebuild:
104 Marking 2.6.22-r8 stable on amd64 and x86.
105
106 21 Oct 2007; Christian Heim <phreak@gentoo.org>
107 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
108 -hardened-sources-2.6.21-r4.ebuild:
109 Removing old ebuilds.
110
111 *hardened-sources-2.4.35-r2 (21 Oct 2007)
112
113 21 Oct 2007; Christian Heim <phreak@gentoo.org>
114 +hardened-sources-2.4.35-r2.ebuild:
115 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
116 patches.
117
118 *hardened-sources-2.6.22-r8 (21 Oct 2007)
119
120 21 Oct 2007; Christian Heim <phreak@gentoo.org>
121 +hardened-sources-2.6.22-r8.ebuild:
122 Yet another new patch, hopefully fixing the remaining issues we had w/
123 2.6.22. Candidate for stabling.
124
125 *hardened-sources-2.6.23 (13 Oct 2007)
126
127 13 Oct 2007; Christian Heim <phreak@gentoo.org>
128 +hardened-sources-2.6.23.ebuild:
129 Initial hardened-sources-2.6.23. If people still have problems w/ bug
130 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
131
132 11 Oct 2007; Christian Heim <phreak@gentoo.org>
133 hardened-sources-2.6.20-r10.ebuild:
134 Pulling in yet another new genpatches version, fixing the PWC bug for real.
135
136 04 Oct 2007; Christian Heim <phreak@gentoo.org>
137 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
138 Removing old versions.
139
140 *hardened-sources-2.6.22-r7 (01 Oct 2007)
141
142 01 Oct 2007; Christian Heim <phreak@gentoo.org>
143 +hardened-sources-2.6.22-r7.ebuild:
144 Revision bump, pulling in a newer patch. Should fix #194276.
145
146 30 Sep 2007; Christian Heim <phreak@gentoo.org>
147 hardened-sources-2.6.20-r10.ebuild:
148 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
149 Mike Doty).
150
151 *hardened-sources-2.6.22-r6 (26 Sep 2007)
152
153 26 Sep 2007; Christian Heim <phreak@gentoo.org>
154 +hardened-sources-2.6.22-r6.ebuild:
155 Revision bump, grabbing up till Linux 2.6.22.9.
156
157 24 Sep 2007; Christian Heim <phreak@gentoo.org>
158 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
159 Cleaning up further.
160
161 *hardened-sources-2.6.20-r10 (24 Sep 2007)
162
163 24 Sep 2007; Christian Heim <phreak@gentoo.org>
164 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
165 +hardened-sources-2.6.20-r10.ebuild:
166 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
167 revisions.
168
169 *hardened-sources-2.6.22-r5 (22 Sep 2007)
170
171 22 Sep 2007; Christian Heim <phreak@gentoo.org>
172 +hardened-sources-2.6.22-r5.ebuild:
173 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
174
175 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
176 Removing johnm from metadata.xml (see #186467 for reference).
177
178 *hardened-sources-2.6.22-r4 (17 Sep 2007)
179
180 17 Sep 2007; Christian Heim <phreak@gentoo.org>
181 +hardened-sources-2.6.22-r4.ebuild:
182 Revision bump, hopefully fixing all those weird PAX failures.
183
184 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
185 Updating the metadata.xml.
186
187 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
188 Removing tocharian from metadata due to his retirement (see #71718 for
189 reference).
190
191 *hardened-sources-2.6.20-r9 (30 Aug 2007)
192
193 30 Aug 2007; Christian Heim <phreak@gentoo.org>
194 +hardened-sources-2.6.20-r9.ebuild:
195 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
196
197 29 Aug 2007; Christian Heim <phreak@gentoo.org>
198 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
199 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
200 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
201 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
202 -hardened-sources-2.6.22-r2.ebuild:
203 Removing some redundant versions.
204
205 *hardened-sources-2.4.35-r1 (29 Aug 2007)
206
207 29 Aug 2007; Christian Heim <phreak@gentoo.org>
208 +hardened-sources-2.4.35-r1.ebuild:
209 Revision bump, new grsecurity patch.
210
211 *hardened-sources-2.6.20-r8 (26 Aug 2007)
212
213 26 Aug 2007; Christian Heim <phreak@gentoo.org>
214 +hardened-sources-2.6.20-r8.ebuild:
215 Revision bump for Linux 2.6.20.17.
216
217 *hardened-sources-2.6.22-r3 (22 Aug 2007)
218
219 22 Aug 2007; Christian Heim <phreak@gentoo.org>
220 +hardened-sources-2.6.22-r3.ebuild:
221 Revision bump for Linux 2.6.22.4.
222
223 16 Aug 2007; Christian Heim <phreak@gentoo.org>
224 hardened-sources-2.6.22-r2.ebuild:
225 Updated patchset, to fix the alignment against 2.6.22.3.
226
227 *hardened-sources-2.6.22-r2 (16 Aug 2007)
228
229 16 Aug 2007; Christian Heim <phreak@gentoo.org>
230 +hardened-sources-2.6.22-r2.ebuild:
231 Revision bump for Linux 2.6.22.3.
232
233 *hardened-sources-2.4.35 (16 Aug 2007)
234
235 16 Aug 2007; Christian Heim <phreak@gentoo.org>
236 +hardened-sources-2.4.35.ebuild:
237 Version bump, initial version for Linux 2.4.35.
238
239 *hardened-sources-2.6.21-r4 (16 Aug 2007)
240
241 16 Aug 2007; Christian Heim <phreak@gentoo.org>
242 +hardened-sources-2.6.21-r4.ebuild:
243 Revision bump for Linux 2.6.21.6.
244
245 *hardened-sources-2.6.20-r7 (16 Aug 2007)
246
247 16 Aug 2007; Christian Heim <phreak@gentoo.org>
248 +hardened-sources-2.6.20-r7.ebuild:
249 Revision bump for Linux 2.6.20.16.
250
251 *hardened-sources-2.6.22-r1 (13 Aug 2007)
252
253 13 Aug 2007; Christian Heim <phreak@gentoo.org>
254 +hardened-sources-2.6.22-r1.ebuild:
255 Yet another revision bump.
256
257 *hardened-sources-2.6.22 (10 Aug 2007)
258
259 10 Aug 2007; Christian Heim <phreak@gentoo.org>
260 +hardened-sources-2.6.22.ebuild:
261 Initial release for 2.6.22. If you are using hardened-sources on a desktop
262 machine (P4 or newer), be aware you might need to disable
263 CONFIG_PAX_PAGEEXEC.
264
265 04 Aug 2007; Christian Heim <phreak@gentoo.org>
266 hardened-sources-2.6.20-r6.ebuild:
267 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
268 2.6.20.15.
269
270 10 Jul 2007; Christian Heim <phreak@gentoo.org>
271 hardened-sources-2.6.20-r5.ebuild:
272 Marking hardened-sources-2.6.20-r5 stable on ppc.
273
274 10 Jul 2007; Christian Heim <phreak@gentoo.org>
275 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
276 Cleanup.
277
278 *hardened-sources-2.6.20-r6 (08 Jul 2007)
279
280 08 Jul 2007; Christian Heim <phreak@gentoo.org>
281 +hardened-sources-2.6.20-r6.ebuild:
282 Revision bump, grabbing yet another stable release.
283
284 17 Jun 2007; Christian Heim <phreak@gentoo.org>
285 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
286 -hardened-sources-2.6.21-r2.ebuild:
287 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
288 alpha stable KEYWORD by mistake.
289
290 17 Jun 2007; Christian Heim <phreak@gentoo.org>
291 hardened-sources-2.6.20-r5.ebuild:
292 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
293 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
294
295 *hardened-sources-2.6.21-r3 (12 Jun 2007)
296
297 12 Jun 2007; Christian Heim <phreak@gentoo.org>
298 +hardened-sources-2.6.21-r3.ebuild:
299 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
300 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
301 love.
302
303 *hardened-sources-2.6.20-r5 (11 Jun 2007)
304
305 11 Jun 2007; Christian Heim <phreak@gentoo.org>
306 +hardened-sources-2.6.20-r5.ebuild:
307 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
308 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
309 love.
310
311 *hardened-sources-2.4.34.5 (11 Jun 2007)
312
313 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
314 +hardened-sources-2.4.34.5.ebuild:
315 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
316
317 30 May 2007; Christian Heim <phreak@gentoo.org>
318 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
319 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
320 stale ebuild(s).
321
322 30 May 2007; Christian Heim <phreak@gentoo.org>
323 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
324 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
325 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
326 Doing some cleanups, remove stale ebuilds.
327
328 26 May 2007; Christian Heim <phreak@gentoo.org>
329 hardened-sources-2.6.21-r2.ebuild:
330 Fixing the grsecurity patch, had one '};' too much.
331
332 *hardened-sources-2.6.21-r2 (26 May 2007)
333
334 26 May 2007; Christian Heim <phreak@gentoo.org>
335 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
336 +hardened-sources-2.6.21-r2.ebuild:
337 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
338 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
339
340 *hardened-sources-2.6.20-r4 (26 May 2007)
341
342 26 May 2007; Christian Heim <phreak@gentoo.org>
343 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
344 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
345 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
346
347 15 May 2007; Christian Heim <phreak@gentoo.org>
348 hardened-sources-2.6.20-r3.ebuild:
349 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
350 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
351 grsecurity patch fail in that exact same hunk.
352
353 *hardened-sources-2.6.20-r3 (15 May 2007)
354
355 15 May 2007; Christian Heim <phreak@gentoo.org>
356 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
357 Revision bump, incorporating Linux 2.6.20.11.
358
359 *hardened-sources-2.6.21-r1 (11 May 2007)
360
361 11 May 2007; Christian Heim <phreak@gentoo.org>
362 +hardened-sources-2.6.21-r1.ebuild:
363 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
364 mentioned in #177234.
365
366 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
367 files/digest-hardened-sources-2.6.21, Manifest:
368 Fix Manifest/digest for linux-2.6.21.tar.bz2
369
370 06 May 2007; Christian Heim <phreak@gentoo.org>
371 hardened-sources-2.6.21.ebuild:
372 Bumping the hardened-patches version, needed for the fix for #177234.
373
374 *hardened-sources-2.6.21 (02 May 2007)
375
376 02 May 2007; Christian Heim <phreak@gentoo.org>
377 +hardened-sources-2.6.21.ebuild:
378 Version bump, Linux 2.6.21-hardened.
379
380 29 Apr 2007; Christian Heim <phreak@gentoo.org>
381 hardened-sources-2.6.20-r2.ebuild:
382 Adding ~ia64 on Ned's request.
383
384 29 Apr 2007; Christian Heim <phreak@gentoo.org>
385 hardened-sources-2.6.20-r2.ebuild:
386 Fixing the included grsecurity patch, wasn't alligning due to the Index:
387 header line(s).
388
389 29 Apr 2007; Christian Heim <phreak@gentoo.org>
390 hardened-sources-2.6.20-r2.ebuild:
391 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
392
393 *hardened-sources-2.6.20-r2 (10 Apr 2007)
394
395 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
396 +hardened-sources-2.6.20-r2.ebuild:
397 Version bump, on behalf of phreak
398
399 *hardened-sources-2.6.20-r1 (04 Apr 2007)
400
401 04 Apr 2007; Christian Heim <phreak@gentoo.org>
402 +hardened-sources-2.6.20-r1.ebuild:
403 Revision bump, grabbing a newer grsecurity snapshot.
404
405 *hardened-sources-2.6.20 (25 Mar 2007)
406
407 25 Mar 2007; Christian Heim <phreak@gentoo.org>
408 +hardened-sources-2.6.20.ebuild:
409 Finally a hardened-sources version for 2.6.20; many people have been waiting
410 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
411 testbox.
412
413 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
414 hardened-sources-2.6.18-r6.ebuild:
415 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
416
417 *hardened-sources-2.6.18-r6 (16 Mar 2007)
418
419 16 Mar 2007; Christian Heim <phreak@gentoo.org>
420 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
421 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
422 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
423 supposed to be.
424
425 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
426 Fixing the Manifest, the previous one was broken (as in still had the
427 deleted ebuild in it).
428
429 06 Mar 2007; Christian Heim <phreak@gentoo.org>
430 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
431 +hardened-sources-2.6.18-r5.ebuild:
432 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
433 Linux 2.6.18.8. Also cleaning up the older version.
434
435 *hardened-sources-2.6.18-r5 (06 Mar 2007)
436
437 06 Mar 2007; Christian Heim <phreak@gentoo.org>
438 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
439 +hardened-sources-2.6.18-r5.ebuild:
440 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
441 Linux 2.6.18.8. Also cleaning up the older version.
442
443 24 Feb 2007; Christian Heim <phreak@gentoo.org>
444 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
445 -hardened-sources-2.6.19-r5.ebuild:
446 Removing some of the old version, that didn't work.
447
448 *hardened-sources-2.6.19-r6 (12 Feb 2007)
449
450 12 Feb 2007; Christian Heim <phreak@gentoo.org>
451 +hardened-sources-2.6.19-r6.ebuild:
452 Revision bump, including a new grsec version fixing #166235.
453
454 *hardened-sources-2.4.34 (24 Jan 2007)
455
456 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
457 Manifest:
458 updating Manifest with checksums of new tarball and ebuild
459
460 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
461 +hardened-sources-2.4.34.ebuild:
462 I added new hardened sources 2.4 update, this is a critical path
463 security bugfix - all users of h-s are strongly advised
464 to update their existing hardened sources to this version.
465 It contains a fix for a kernel vulnerability that is pertaining
466 to the PaX changes to virtual memory management, possibly leading
467 to a local kernel exploit ... see grsecurity.net forums and homepage
468
469 23 Jan 2007; Christian Heim <phreak@gentoo.org>
470 files/digest-hardened-sources-2.6.19-r5, Manifest:
471 Fixing the patch-tarball digest.
472
473 *hardened-sources-2.6.19-r5 (23 Jan 2007)
474
475 23 Jan 2007; Christian Heim <phreak@gentoo.org>
476 +hardened-sources-2.6.19-r5.ebuild:
477 Revision bump, closing the recently discovered PaX expand_stack()
478 vulnerability.
479
480 *hardened-sources-2.6.19-r4 (14 Jan 2007)
481
482 14 Jan 2007; Christian Heim <phreak@gentoo.org>
483 +hardened-sources-2.6.19-r4.ebuild:
484 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
485 dropping the randomized PID feature.
486
487 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
488 hardened-sources-2.4.33.4.ebuild:
489 stable x86, bug #161171
490
491 *hardened-sources-2.6.19-r3 (27 Dec 2006)
492
493 27 Dec 2006; Christian Heim <phreak@gentoo.org>
494 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
495 Revision bump for bug #157186 and #158786.
496
497 *hardened-sources-2.6.18-r4 (27 Dec 2006)
498
499 27 Dec 2006; Christian Heim <phreak@gentoo.org>
500 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
501 Revision bump for bug #157186.
502
503 *hardened-sources-2.6.19-r2 (23 Dec 2006)
504
505 23 Dec 2006; Christian Heim <phreak@gentoo.org>
506 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
507 Revision bump to pull in genpatches-2.6.19-3 for #157186.
508
509 17 Dec 2006; Christian Heim <phreak@gentoo.org>
510 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
511 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
512 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
513 hardened-sources-2.6.19-r1.ebuild:
514 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
515 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
516
517 *hardened-sources-2.4.33.4 (17 Dec 2006)
518
519 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
520 +hardened-sources-2.4.33.4.ebuild:
521 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
522 and quilting
523
524 *hardened-sources-2.6.19-r1 (14 Dec 2006)
525
526 14 Dec 2006; Christian Heim <phreak@gentoo.org>
527 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
528 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
529 for reporting).
530
531 *hardened-sources-2.6.19 (13 Dec 2006)
532
533 13 Dec 2006; Christian Heim <phreak@gentoo.org>
534 +hardened-sources-2.6.19.ebuild:
535 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
536 Brad for providing that prompt update.
537
538 *hardened-sources-2.6.18-r3 (13 Dec 2006)
539
540 13 Dec 2006; Christian Heim <phreak@gentoo.org>
541 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
542 +hardened-sources-2.6.18-r3.ebuild:
543 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
544 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
545
546 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
547 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
548
549 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
550 Stable on ppc wrt bug 157356
551
552 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
553 hardened-sources-2.6.18.ebuild:
554 stable x86, bug #157356
555
556 *hardened-sources-2.6.18-r2 (06 Dec 2006)
557
558 06 Dec 2006; Christian Heim <phreak@gentoo.org>
559 +hardened-sources-2.6.18-r2.ebuild:
560 Revision bump, including 2.6.18.5 (via genpatches) and
561 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
562 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
563 redesign.
564
565 06 Dec 2006; Christian Heim <phreak@gentoo.org>
566 hardened-sources-2.6.18.ebuild:
567 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
568 of Mike Doty).
569
570 *hardened-sources-2.6.18-r1 (23 Nov 2006)
571
572 23 Nov 2006; Christian Heim <phreak@gentoo.org>
573 +hardened-sources-2.6.18-r1.ebuild:
574 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
575
576 *hardened-sources-2.6.18 (11 Nov 2006)
577
578 11 Nov 2006; Christian Heim <phreak@gentoo.org>
579 +hardened-sources-2.6.18.ebuild:
580 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
581
582 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
583 - mark amd64 stable also. bug #151877
584
585 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
586 - mark 2.6.17-r1 stable
587
588 27 Aug 2006; Christian Heim <phreak@gentoo.org>
589 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
590 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
591
592 *hardened-sources-2.6.17-r1 (26 Aug 2006)
593
594 26 Aug 2006; Christian Heim <phreak@gentoo.org>
595 +hardened-sources-2.6.17-r1.ebuild:
596 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
597 grsecurity patch.
598
599 *hardened-sources-2.6.17 (17 Aug 2006)
600
601 17 Aug 2006; Christian Heim <phreak@gentoo.org>
602 +hardened-sources-2.6.17.ebuild:
603 Bumping the hardened-sources-2.6 series to 2.6.17, using
604 genpatches-2.6.17-6.base.
605
606 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
607 - stable on x86 and amd64
608
609 *hardened-sources-2.6.16-r11 (15 Jul 2006)
610
611 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
612 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
613 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
614 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
615 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
616 crusty ebuilds
617
618 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
619 hardened-sources-2.6.16-r10.ebuild:
620 marking stable on x86 and amd64
621
622 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
623 - 2.4.32-r6 stable on x86. RSBAC state unknown
624
625 *hardened-sources-2.4.32-r7 (10 Jul 2006)
626
627 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
628 +hardened-sources-2.4.32-r7.ebuild:
629 Bump PaX for RSBAC to test-17
630
631 *hardened-sources-2.6.16-r9 (03 Jul 2006)
632
633 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
634 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
635 hardened-sources-2.6.16 bump to latest -base.
636
637 *hardened-sources-2.4.32-r6 (30 Jun 2006)
638
639 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
640 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
641 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
642 sysctl controlable resource logging
643
644 *hardened-sources-2.6.16-r7 (05 Jun 2006)
645
646 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
647 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
648 push new 2.6.16 release in preparation for stable
649
650 22 May 2006; <solar@gentoo.org> :
651 - redigest bug 134002
652
653 *hardened-sources-2.4.32-r5 (16 May 2006)
654
655 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
656 +hardened-sources-2.4.32-r5.ebuild:
657 Fixes rsbac common patching (new patch in new -r5 patchset)
658
659 *hardened-sources-2.4.32-r4 (13 May 2006)
660
661 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
662 +hardened-sources-2.4.32-r4.ebuild:
663 - security bumps
664
665 *hardened-sources-2.6.16-r6 (03 May 2006)
666
667 03 May 2006; John Mylchreest <johnm@gentoo.org>
668 +hardened-sources-2.6.16-r6.ebuild:
669 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
670
671 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
672 hardened-sources-2.6.14-r8.ebuild:
673 fix x86_64 build problem, this will delay the digest issue again for a short
674 while but it will sort itself out
675
676 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
677 hardened-sources-2.6.14-r8.ebuild:
678 bump hardened patchset
679
680 27 Apr 2006; Alec Warner <antarus@gentoo.org>
681 files/digest-hardened-sources-2.4.32-r2,
682 files/digest-hardened-sources-2.4.32-r3,
683 files/digest-hardened-sources-2.6.14-r8, Manifest:
684 Fixing duff SHA256 digests: Bug # 131293
685
686 *hardened-sources-2.6.16-r5 (27 Apr 2006)
687
688 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
689 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
690 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
691 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
692 cleanup of old uneccessary sources
693
694 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
695 fix digest
696
697 *hardened-sources-2.6.14-r8 (20 Apr 2006)
698
699 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
700 +hardened-sources-2.6.14-r8.ebuild:
701 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
702
703 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
704 Turning on gpg-signing again, and recomitting
705
706 *hardened-sources-2.6.16-r4 (20 Apr 2006)
707
708 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
709 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
710 +hardened-sources-2.6.16-r4.ebuild:
711 Fix numerous security vulns
712
713 *hardened-sources-2.4.32-r3 (16 Apr 2006)
714
715 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
716 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
717 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
718 - security bump for bug #112791. Removed old ebuilds
719
720 *hardened-sources-2.6.16-r3 (15 Apr 2006)
721
722 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
723 +hardened-sources-2.6.16-r3.ebuild:
724 Removing silly localversion which I missed
725
726 *hardened-sources-2.6.14-r7 (14 Apr 2006)
727
728 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
729 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
730 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
731
732 *hardened-sources-2.6.16-r2 (13 Apr 2006)
733
734 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
735 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
736 +hardened-sources-2.6.16-r2.ebuild:
737 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
738 labels, dropping USERGROUP define fixes, since these were merged mainstream.
739
740 *hardened-sources-2.6.16-r1 (11 Apr 2006)
741
742 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
743 +hardened-sources-2.6.16-r1.ebuild:
744 Bumping to include ppc build fix and 2.6.16.3
745
746 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
747 hardened-sources-2.6.14-r6.ebuild:
748 Stable on x86; bug #127718
749
750 *hardened-sources-2.6.16 (31 Mar 2006)
751
752 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
753 +hardened-sources-2.6.16.ebuild:
754 Bumping to new version of grsec, and kernel base. New squashfs. Based on
755 2.6.16.1
756
757 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
758 hardened-sources-2.6.14-r6.ebuild:
759 Stable on amd64, bug 127718.
760
761 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
762 Stable on ppc. Bug #127718
763
764 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
765 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
766 -hardened-sources-2.6.14-r4.ebuild:
767 Cleanup.
768
769 *hardened-sources-2.6.14-r6 (15 Mar 2006)
770
771 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
772 +hardened-sources-2.6.14-r6.ebuild:
773 Fixes grsec policy recreation bug and adds a
774 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
775
776 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
777 - stable on x86
778
779 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
780 hardened-sources-2.6.14-r5.ebuild:
781 Stable on ppc.
782
783 *hardened-sources-2.6.14-r5 (01 Feb 2006)
784
785 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
786 +hardened-sources-2.6.14-r5.ebuild:
787 fixing every known exploit
788
789 *hardened-sources-2.4.32-r2 (26 Jan 2006)
790
791 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
792 +hardened-sources-2.4.32-r2.ebuild:
793 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
794
795 *hardened-sources-2.6.14-r4 (12 Jan 2006)
796
797 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
798 - version bump for new genpatches which fix up a few sec holes
799
800 *hardened-sources-2.4.32-r1 (05 Jan 2006)
801
802 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
803 - revision bump to add misc vital linux kernel security patches.
804
805 *hardened-sources-2.6.14-r3 (30 Dec 2005)
806
807 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
808 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
809 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
810
811 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
812 hardened-sources-2.6.14-r2.ebuild:
813 making x86 & amd64 stable following testing.
814
815 *hardened-sources-2.6.14-r2 (27 Dec 2005)
816
817 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
818 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
819 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
820 network hooks.
821
822 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
823 hardened-sources-2.6.14-r1.ebuild:
824 bumping to stable early for sec fix on x86 & amd64
825
826 *hardened-sources-2.6.14-r1 (05 Dec 2005)
827
828 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
829 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
830 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
831
832 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
833 - stable on x86 security bug #114227 CAN-2005-3257
834
835 *hardened-sources-2.4.32 (19 Nov 2005)
836
837 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
838 +hardened-sources-2.4.32.ebuild:
839 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
840 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
841 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
842 rsbac >> /etc/portage/package.use)
843
844 *hardened-sources-2.6.14 (14 Nov 2005)
845
846 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
847 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
848 Bumping 2.6 series to 2.6.14.2
849
850 *hardened-sources-2.6.13-r2 (20 Oct 2005)
851
852 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
853 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
854 +hardened-sources-2.6.13-r2.ebuild:
855 Fixes minor build error in ppc.
856
857 *hardened-sources-2.6.13-r1 (17 Oct 2005)
858
859 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
860 +hardened-sources-2.6.13-r1.ebuild:
861 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
862 2.6.13.4, fixes some major amd64 stability problems.
863
864 *hardened-sources-2.6.13 (16 Sep 2005)
865
866 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
867 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
868 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
869 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
870 users should test this thoroughly.
871
872 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
873 - stable on x86
874
875 *hardened-sources-2.6.11-r15 (27 Jun 2005)
876
877 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
878 +hardened-sources-2.6.11-r15.ebuild:
879 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
880 grsec redefining curr_ip struct.
881
882 *hardened-sources-2.4.31 (20 Jun 2005)
883
884 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
885 initial import of 2.4.31 tree
886
887 *hardened-sources-2.6.11-r14 (14 Jun 2005)
888
889 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
890 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
891 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
892 naming scheme to abide by genpatches
893
894 *hardened-sources-2.6.11-r13 (18 May 2005)
895
896 18 May 2005; John Mylchreest <johnm@gentoo.org>
897 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
898 Managed to mangle the Makefile patch from grsec, to miss out the grsec
899 target. sorry about that. Fixes bug #93022
900
901 *hardened-sources-2.6.11-r12 (17 May 2005)
902
903 17 May 2005; John Mylchreest <johnm@gentoo.org>
904 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
905 +hardened-sources-2.6.11-r12.ebuild:
906 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
907 merges in genpatches-base
908
909 *hardened-sources-2.6.11-r12 (17 May 2005)
910
911 17 May 2005; John Mylchreest <johnm@gentoo.org>
912 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
913 +hardened-sources-2.6.11-r12.ebuild:
914 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
915 merges in genpatches-base
916
917 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
918 -files/2.4.27-cmdline-race.patch,
919 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
920 -files/2.4.28-grsec-binfmt_a.out.patch,
921 -files/2.4.28-grsec-cmdline-race.patch,
922 -files/2.4.28-selinux-binfmt_a.out.patch,
923 -files/2.4.28-selinux-cmdline-race.patch,
924 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
925 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
926 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
927 cleanup..
928
929 *hardened-sources-2.4.30-r1 (21 Apr 2005)
930
931 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
932 - disable aout by default
933
934 *hardened-sources-2.4.30 (18 Apr 2005)
935
936 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
937 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
938 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
939 use
940
941 *hardened-sources-2.4.29 (30 Mar 2005)
942
943 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
944 +hardened-sources-2.4.29.ebuild:
945 New hardened-patches-2.4-29.0 patchball.
946 Removed SELinux support, upgraded GRSecurity to 2.1.4.
947
948 *hardened-sources-2.4.28-r5 (06 Mar 2005)
949
950 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
951 +hardened-sources-2.4.28-r5.ebuild:
952 Added a fix for a PaX vulnerability.
953
954 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
955 hardened-sources-2.4.28-r4.ebuild:
956 Stable on x86
957
958 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
959 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
960 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
961 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
962 - fixed/added RDEPEND= in all kernel-2 ebuilds
963
964 *hardened-sources-2.4.28-r4 (21 Jan 2005)
965
966 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
967 +hardened-sources-2.4.28-r4.ebuild:
968 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
969 backport of neighbour hash updates.
970
971 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
972 hardened-sources-2.4.28-r3.ebuild:
973 Stable on x86
974
975 *hardened-sources-2.6.10-r3 (20 Jan 2005)
976
977 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
978 +hardened-sources-2.6.10-r3.ebuild:
979 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
980 in 2005.0
981
982 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
983 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
984 hardened-sources-2.4.28-r2.ebuild:
985 Mark stable on x86
986
987 *hardened-sources-2.4.28-r3 (17 Jan 2005)
988
989 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
990 +hardened-sources-2.4.28-r3.ebuild:
991 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
992
993 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
994 hardened-sources-2.4.28.ebuild:
995 Mark stable on x86.
996
997 *hardened-sources-2.4.28-r2 (13 Jan 2005)
998
999 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1000 +hardened-sources-2.4.28-r2.ebuild:
1001 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1002 Mazinger for grsecurity patches as well.
1003
1004 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1005
1006 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1007 Security bump. Thank tocharian for rolling a new patchset...
1008
1009 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1010 +files/2.4.28-grsec-cmdline-race.patch,
1011 +files/2.4.28-selinux-binfmt_a.out.patch,
1012 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1013 - Round up remaining security patches that appear to be missing in 2.4.28. -
1014 PaX standalone updated to current. hgpv=28.1
1015
1016 *hardened-sources-2.4.28 (28 Nov 2004)
1017
1018 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1019 security bump. Thank tocharian for rolling a new patchset
1020
1021 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1022
1023 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1024 +hardened-sources-2.4.27-r3.ebuild:
1025 Applies the new 2.4-27.2 patchball which updates
1026 GRSecurity to the 2.0.1 version.
1027
1028 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1029
1030 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1031 +hardened-sources-2.4.27-r2.ebuild:
1032 Version bump.
1033 This version uses the new 2.4-27.1 patchball which updates
1034 both the SELinux PaX hooks patch and the SELinux headers.
1035
1036 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1037
1038 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1039 +hardened-sources-2.4.27-r1.ebuild,
1040 -hardened-sources-2.4.27.ebuild,
1041 +files/2.4.27-cmdline-race.patch:
1042 Version bump, fix for cmdline race. See bug #59905.
1043
1044 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1045
1046 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1047 +hardened-sources-2.4.26-r6.ebuild,
1048 -hardened-sources-2.4.26-r5.ebuild,
1049 -hardened-sources-2.4.26-r4.ebuild,
1050 +files/2.4.26-cmdline-race.patch:
1051 Version bump, fix for cmdline race. See bug #59905.
1052
1053 *hardened-sources-2.4.27 (08 Aug 2004)
1054
1055 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1056 +hardened-sources-2.4.27.ebuild,
1057 +files/2.4.27-CAN-2004-0394.patch:
1058 Ported the patchball to the 2.4.27 kernel version.
1059
1060 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1061
1062 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1063 +hardened-sources-2.4.26-r5.ebuild:
1064 Updated to use the new hardened-patches-2.4-26.1 patchball.
1065 It adds the following features:
1066 - Squashfs
1067 - Ebtables
1068 - Netdev random (core+drivers)
1069 - Watchdog Timer (WDT) fix.
1070
1071 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1072
1073 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1074 +hardened-sources-2.4.26-r4.ebuild,
1075 +files/2.4.26-CAN-2004-0415.patch,
1076 -hardened-sources-2.4.26-3:
1077 Version bump, fix for CAN 0415, see bug #59378.
1078
1079 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1080
1081 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1082 +hardened-sources-2.4.26-r3.ebuild,
1083 +files/2.4.26-CAN-2004-0497.patch,
1084 -hardened-sources-2.4.26-r2.ebuild:
1085 Version bump, fixed CAN 0497, see bug #56171.
1086
1087 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1088
1089 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1090 +hardened-sources-2.4.26-r2.ebuild,
1091 +files/2.4.26-CAN-2004-0495.patch,
1092 +files/2.4.26-CAN-2004-0535.patch,
1093 -hardened-sources-2.4.26-r1.ebuild:
1094 Fixes for both CAN 0495 and 0535, see bug #54976
1095
1096 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1097 hardened-sources-2.4.26-r1.ebuild:
1098 QA - fix use invocation
1099
1100 *hardened-sources-2.4.26-r1 (22 June 2004)
1101
1102 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1103 +hardened-sources-2.4.26-r1.ebuild,
1104 +files/2.4.26-CAN-2004-0394.patch,
1105 +files/2.4.26-signal-race.patch,
1106 -hardened-sources-2.4.26.ebuild,
1107 -hardened-sources-2.4.24-r3.ebuild:
1108 Version bump for the CAN-2004-0394 issue and bug #53804
1109 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1110
1111
1112 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1113 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1114 Masked hardened-sources-2.4.26.ebuild broken for ppc
1115
1116 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1117 hardened-sources-2.4.24-r3.ebuild:
1118 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1119
1120 *hardened-sources-2.4.26 (29 May 2004)
1121
1122 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1123 +hardened-sources-2.4.26.ebuild:
1124 Updated hardened-sources for the 2.4.26 kernel
1125 Removed broken components, updated almost everything.
1126
1127 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1128
1129 17 Apr 2004; <plasmaroo@gentoo.org>
1130 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1131 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1132 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1133 +hardened-sources-2.4.24-r3.ebuild:
1134 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1135 vulnerabilities. Old revisions removed.
1136
1137 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1138
1139 15 Apr 2004; <plasmaroo@gentoo.org>
1140 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1141 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1142 Version bump for the CAN-2004-0109 issue; bug #47881.
1143
1144 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1145 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1146 Add eutils to inherit.
1147
1148 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1149
1150 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1151 files/hardened-sources-2.4.24.munmap.patch:
1152 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1153
1154 *hardened-sources-2.4.24 (06 Feb 2004)
1155
1156 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1157 hardened-sources-2.4.24.ebuild:
1158 Version bump, updated most of the components.
1159 This release includes the following:
1160
1161 - Hardened security
1162 - Netfilter patch-o-matic 20031219
1163 - FreeSWAN 2.04 & x509 1.4.8
1164 - EVMS 2.2.2
1165 - XFS 1.3.1
1166 - cryptoloop jari
1167 - grsecurity 2.0-rc4
1168 - SELinux
1169 - PaX 200402060000
1170 - PaX Obscurity 200308302223
1171 - Others...
1172
1173 Neither -ck nor systrace are included anymore.
1174
1175 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1176
1177 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1178 hardened-sources-2.4.22-r2.ebuild:
1179 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1180
1181 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1182
1183 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1184 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1185
1186 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1187 hardened-sources-2.4.22-r1.ebuild:
1188 Version bump for the 'do_brk' vulnerability.
1189
1190 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1191 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1192 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1193 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1194 Fix the 'do_brk' vulnerability.
1195
1196 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1197 hardened-sources-2.4.22.ebuild:
1198 - Removed the src_install() portion for SELinux flask
1199 components. These are no longer handled in the kernel
1200 so this code was not necessary.
1201
1202 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1203 New 2.4.22 based hardened-sources thanks to
1204 Phil West <p.west@computer.org>.
1205
1206 These sources include:
1207 - New SELinux API
1208 - Updated CK-base
1209 - Updated GRSec
1210 - Systrace
1211 - SuperFreeS/WAN 1.99.8
1212 - Propolice kernel build support
1213 - EVMS
1214 - Other various security related patches
1215
1216 *hardened-sources-2.4.21 (14 Sep 2003)
1217
1218 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1219 Updated hardened-sources based on the 2.4.21 Linux kernel.
1220 This includes updates to most major components such as:
1221 - ck-base-0306300059
1222 - selinux-2.4-2003071106
1223 - grsecurity-2.0-rc1
1224 - Updated IPTables patch-o-matic
1225 - Updated SuperFreeS/WAN
1226
1227 Thanks to Phil West <pwest@computer.org> for his work in getting this
1228 updated patch set ready for the 2.4.21 based kernel.
1229
1230 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1231 Initial import of hardened-sources-2.4.20-r4. This revision
1232 includes only a few changes, but one of these is an important
1233 security fix. It is recommended all users of hardened-sources
1234 upgrade to this release.
1235
1236 - ioperm bug fix
1237 - fixed compilation failure when building without GRSec
1238
1239 SAL (Secure Auditing for Linux) is NOT included in this revision
1240 due to time constraints, but is planned for inclusion in the near
1241 future.
1242
1243 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1244
1245 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1246 hardened-sources-2.4.20-r3.ebuild:
1247 Add Header...
1248
1249 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1250 hardened-sources-2.4.20-r3.ebuild:
1251 Removed warnings from ebuild. This kernel should be safe to
1252 use at this point.
1253
1254 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1255
1256 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1257 hardened-sources-2.4.20-r3.ebuild:
1258 New revision. Includes the following changes over -r2:
1259
1260 - ck7-base (O(1), preempt, low latency)
1261 - Super FreeS/WAN 1.99.7rc2
1262 - PaX for the LSM/SELinux branch
1263 - GRSecurity 2.0-pre4 (role based access control)
1264 - Systrace 1.3
1265 - EXT3 fixes
1266 - EVMS 2.0.1
1267 - GCC 3.1+ compile optimizations
1268 - ProPolice kernel build support
1269 - Hashing table security fixes
1270
1271 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1272
1273 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1274 Initial import of hardened-sources-r2. This new
1275 ebuild includes many new performance and security
1276 related patches. As in -r1, it will patch in
1277 LSM/SELinux if "selinux" is in USE, otherwise it
1278 will patch in GRSecurity. The following patches
1279 are included in this revision:
1280
1281 - O(1) Scheduler, Low Latency, and Preempt
1282 (pulled from the base CK patch)
1283 - ptrace exploit patch for the LSM kernel
1284 (the GRSec patch already fixes this)
1285 - LSM 2.4-2003040709
1286 - SELinux 2.4-2003040709
1287 - Systrace v1.2
1288 - IPTables patch-o-matic base patches - 20030107
1289 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1290 - Super FreeS/WAN 1.99.6.1
1291 - GRSecurity 1.9.9g
1292 - MPPE
1293 - EXT3 data journal fix
1294 - CIPE 1.5.4
1295
1296 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1297 hardened-sources-2.4.20-r1.ebuild, manifest:
1298 Updated to install flask components correctly for selinux.
1299
1300 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1301 hardened-sources-2.4.20-r1.ebuild:
1302 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1303 is patched in instead. Ptrace patches for selinux have also been added. In
1304 either case, systrace support will be patched in as well.
1305
1306 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1307 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1308 Revision bump for new sources.
1309
1310 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1311 hardened-sources-2.4.20-r1.ebuild:
1312 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1313
1314 *hardened-sources-2.4.20 (30 Mar 2003)
1315
1316 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1317 hardened-sources-2.4.20.ebuild:
1318 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20