/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.215 - (show annotations) (download)
Mon Apr 7 21:04:27 2008 UTC (6 years, 3 months ago) by solar
Branch: MAIN
Changes since 1.214: +5 -1 lines
- stable on x86/amd64 per request. Removed obsolete ebuilds
(Portage version: 2.1.3.19)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.214 2008/04/07 13:07:00 phreak Exp $
4
5 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
6 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
7 - stable on x86/amd64 per request. Removed obsolete ebuilds
8
9 *hardened-sources-2.6.24 (07 Apr 2008)
10
11 07 Apr 2008; Christian Heim <phreak@gentoo.org>
12 +hardened-sources-2.6.24.ebuild:
13 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
14 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
15 for the many contributions and their continued effort in #216612) based on
16 2.6.24 and genpatches-2.6.24-5.
17
18 The current ebuild/patchset contains these things:
19 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
20 * Introduces bespoke server and workstation oriented security levels
21 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
22
23 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
24 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
25 maintaining it).
26
27 24 Mar 2008; Christian Heim <phreak@gentoo.org>
28 hardened-sources-2.4.35-r2.ebuild:
29 Fixing SRC_URI for 2.4.35-r2.
30
31 *hardened-sources-2.6.23-r9 (22 Mar 2008)
32
33 22 Mar 2008; Christian Heim <phreak@gentoo.org>
34 +hardened-sources-2.6.23-r9.ebuild:
35 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
36 * Change the default GIDs for some grsecurity options
37 * Revamp the Hardened [Gentoo] security level and make it the default level
38 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
39 * Fix a recursive lock -- call to capable() within ptrace_attach()
40 * Fix bug that allows audit and iscsi operations to be controlled via netlink
41
42 *hardened-sources-2.6.23-r8 (27 Feb 2008)
43
44 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
45 - version bump from Kerin Millar bug 210026
46
47 17 Feb 2008; <solar@gentoo.org> metadata.xml,
48 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
49 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
50 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
51 - stable on x86 and remove old ebuilds
52
53 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
54 - stable on amd64 per request of amd64 lead
55
56 *hardened-sources-2.6.23-r7 (11 Feb 2008)
57
58 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
59 - version bump from kerin.millar
60 Changes:
61
62 * Bump to genpatches-base-2.6.23-9
63 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
64 * Disables COMPAT_VDSO in x86/defconfig
65 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
66
67 25 Jan 2008; Christian Heim <phreak@gentoo.org>
68 -hardened-sources-2.6.22-r8.ebuild:
69 Cleaning up old versions.
70
71 *hardened-sources-2.6.23-r6 (25 Jan 2008)
72
73 25 Jan 2008; Christian Heim <phreak@gentoo.org>
74 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
75 Revision bump, pulling in the latest genpatches.
76
77 *hardened-sources-2.6.23-r5 (24 Dec 2007)
78
79 24 Dec 2007; Christian Heim <phreak@gentoo.org>
80 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
81 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
82 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
83 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
84
85 24 Dec 2007; Christian Heim <phreak@gentoo.org>
86 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
87 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
88 -hardened-sources-2.6.23-r3.ebuild:
89 Cleaning out some unused, old versions.
90
91 24 Dec 2007; Christian Heim <phreak@gentoo.org>
92 hardened-sources-2.6.23-r4.ebuild:
93 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
94 in the tree for long, but there isn't much of a difference between this and
95 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
96
97 *hardened-sources-2.6.23-r4 (23 Dec 2007)
98
99 23 Dec 2007; Christian Heim <phreak@gentoo.org>
100 +hardened-sources-2.6.23-r4.ebuild:
101 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
102
103 *hardened-sources-2.6.23-r3 (04 Dec 2007)
104
105 04 Dec 2007; Christian Heim <phreak@gentoo.org>
106 +hardened-sources-2.6.23-r3.ebuild:
107 Revision bump, pulling in 2.6.23.9.
108
109 *hardened-sources-2.6.23-r2 (25 Nov 2007)
110
111 25 Nov 2007; Christian Heim <phreak@gentoo.org>
112 +hardened-sources-2.6.23-r2.ebuild:
113 Updated patchset, thanks to solar.
114
115 *hardened-sources-2.6.23-r1 (31 Oct 2007)
116
117 31 Oct 2007; Christian Heim <phreak@gentoo.org>
118 +hardened-sources-2.6.23-r1.ebuild:
119 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
120
121 29 Oct 2007; <solar@gentoo.org> metadata.xml:
122 - update metadata.xml
123
124 25 Oct 2007; Christian Heim <phreak@gentoo.org>
125 hardened-sources-2.6.22-r8.ebuild:
126 Marking 2.6.22-r8 stable on amd64 and x86.
127
128 21 Oct 2007; Christian Heim <phreak@gentoo.org>
129 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
130 -hardened-sources-2.6.21-r4.ebuild:
131 Removing old ebuilds.
132
133 *hardened-sources-2.4.35-r2 (21 Oct 2007)
134
135 21 Oct 2007; Christian Heim <phreak@gentoo.org>
136 +hardened-sources-2.4.35-r2.ebuild:
137 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
138 patches.
139
140 *hardened-sources-2.6.22-r8 (21 Oct 2007)
141
142 21 Oct 2007; Christian Heim <phreak@gentoo.org>
143 +hardened-sources-2.6.22-r8.ebuild:
144 Yet another new patch, hopefully fixing the remaining issues we had w/
145 2.6.22. Candidate for stabling.
146
147 *hardened-sources-2.6.23 (13 Oct 2007)
148
149 13 Oct 2007; Christian Heim <phreak@gentoo.org>
150 +hardened-sources-2.6.23.ebuild:
151 Initial hardened-sources-2.6.23. If people still have problems w/ bug
152 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
153
154 11 Oct 2007; Christian Heim <phreak@gentoo.org>
155 hardened-sources-2.6.20-r10.ebuild:
156 Pulling in yet another new genpatches version, fixing the PWC bug for real.
157
158 04 Oct 2007; Christian Heim <phreak@gentoo.org>
159 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
160 Removing old versions.
161
162 *hardened-sources-2.6.22-r7 (01 Oct 2007)
163
164 01 Oct 2007; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.22-r7.ebuild:
166 Revision bump, pulling in a newer patch. Should fix #194276.
167
168 30 Sep 2007; Christian Heim <phreak@gentoo.org>
169 hardened-sources-2.6.20-r10.ebuild:
170 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
171 Mike Doty).
172
173 *hardened-sources-2.6.22-r6 (26 Sep 2007)
174
175 26 Sep 2007; Christian Heim <phreak@gentoo.org>
176 +hardened-sources-2.6.22-r6.ebuild:
177 Revision bump, grabbing up till Linux 2.6.22.9.
178
179 24 Sep 2007; Christian Heim <phreak@gentoo.org>
180 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
181 Cleaning up further.
182
183 *hardened-sources-2.6.20-r10 (24 Sep 2007)
184
185 24 Sep 2007; Christian Heim <phreak@gentoo.org>
186 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
187 +hardened-sources-2.6.20-r10.ebuild:
188 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
189 revisions.
190
191 *hardened-sources-2.6.22-r5 (22 Sep 2007)
192
193 22 Sep 2007; Christian Heim <phreak@gentoo.org>
194 +hardened-sources-2.6.22-r5.ebuild:
195 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
196
197 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
198 Removing johnm from metadata.xml (see #186467 for reference).
199
200 *hardened-sources-2.6.22-r4 (17 Sep 2007)
201
202 17 Sep 2007; Christian Heim <phreak@gentoo.org>
203 +hardened-sources-2.6.22-r4.ebuild:
204 Revision bump, hopefully fixing all those weird PAX failures.
205
206 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
207 Updating the metadata.xml.
208
209 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
210 Removing tocharian from metadata due to his retirement (see #71718 for
211 reference).
212
213 *hardened-sources-2.6.20-r9 (30 Aug 2007)
214
215 30 Aug 2007; Christian Heim <phreak@gentoo.org>
216 +hardened-sources-2.6.20-r9.ebuild:
217 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
218
219 29 Aug 2007; Christian Heim <phreak@gentoo.org>
220 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
221 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
222 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
223 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
224 -hardened-sources-2.6.22-r2.ebuild:
225 Removing some redundant versions.
226
227 *hardened-sources-2.4.35-r1 (29 Aug 2007)
228
229 29 Aug 2007; Christian Heim <phreak@gentoo.org>
230 +hardened-sources-2.4.35-r1.ebuild:
231 Revision bump, new grsecurity patch.
232
233 *hardened-sources-2.6.20-r8 (26 Aug 2007)
234
235 26 Aug 2007; Christian Heim <phreak@gentoo.org>
236 +hardened-sources-2.6.20-r8.ebuild:
237 Revision bump for Linux 2.6.20.17.
238
239 *hardened-sources-2.6.22-r3 (22 Aug 2007)
240
241 22 Aug 2007; Christian Heim <phreak@gentoo.org>
242 +hardened-sources-2.6.22-r3.ebuild:
243 Revision bump for Linux 2.6.22.4.
244
245 16 Aug 2007; Christian Heim <phreak@gentoo.org>
246 hardened-sources-2.6.22-r2.ebuild:
247 Updated patchset, to fix the alignment against 2.6.22.3.
248
249 *hardened-sources-2.6.22-r2 (16 Aug 2007)
250
251 16 Aug 2007; Christian Heim <phreak@gentoo.org>
252 +hardened-sources-2.6.22-r2.ebuild:
253 Revision bump for Linux 2.6.22.3.
254
255 *hardened-sources-2.4.35 (16 Aug 2007)
256
257 16 Aug 2007; Christian Heim <phreak@gentoo.org>
258 +hardened-sources-2.4.35.ebuild:
259 Version bump, initial version for Linux 2.4.35.
260
261 *hardened-sources-2.6.21-r4 (16 Aug 2007)
262
263 16 Aug 2007; Christian Heim <phreak@gentoo.org>
264 +hardened-sources-2.6.21-r4.ebuild:
265 Revision bump for Linux 2.6.21.6.
266
267 *hardened-sources-2.6.20-r7 (16 Aug 2007)
268
269 16 Aug 2007; Christian Heim <phreak@gentoo.org>
270 +hardened-sources-2.6.20-r7.ebuild:
271 Revision bump for Linux 2.6.20.16.
272
273 *hardened-sources-2.6.22-r1 (13 Aug 2007)
274
275 13 Aug 2007; Christian Heim <phreak@gentoo.org>
276 +hardened-sources-2.6.22-r1.ebuild:
277 Yet another revision bump.
278
279 *hardened-sources-2.6.22 (10 Aug 2007)
280
281 10 Aug 2007; Christian Heim <phreak@gentoo.org>
282 +hardened-sources-2.6.22.ebuild:
283 Initial release for 2.6.22. If you are using hardened-sources on a desktop
284 machine (P4 or newer), be aware you might need to disable
285 CONFIG_PAX_PAGEEXEC.
286
287 04 Aug 2007; Christian Heim <phreak@gentoo.org>
288 hardened-sources-2.6.20-r6.ebuild:
289 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
290 2.6.20.15.
291
292 10 Jul 2007; Christian Heim <phreak@gentoo.org>
293 hardened-sources-2.6.20-r5.ebuild:
294 Marking hardened-sources-2.6.20-r5 stable on ppc.
295
296 10 Jul 2007; Christian Heim <phreak@gentoo.org>
297 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
298 Cleanup.
299
300 *hardened-sources-2.6.20-r6 (08 Jul 2007)
301
302 08 Jul 2007; Christian Heim <phreak@gentoo.org>
303 +hardened-sources-2.6.20-r6.ebuild:
304 Revision bump, grabbing yet another stable release.
305
306 17 Jun 2007; Christian Heim <phreak@gentoo.org>
307 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
308 -hardened-sources-2.6.21-r2.ebuild:
309 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
310 alpha stable KEYWORD by mistake.
311
312 17 Jun 2007; Christian Heim <phreak@gentoo.org>
313 hardened-sources-2.6.20-r5.ebuild:
314 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
315 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
316
317 *hardened-sources-2.6.21-r3 (12 Jun 2007)
318
319 12 Jun 2007; Christian Heim <phreak@gentoo.org>
320 +hardened-sources-2.6.21-r3.ebuild:
321 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
322 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
323 love.
324
325 *hardened-sources-2.6.20-r5 (11 Jun 2007)
326
327 11 Jun 2007; Christian Heim <phreak@gentoo.org>
328 +hardened-sources-2.6.20-r5.ebuild:
329 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
330 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
331 love.
332
333 *hardened-sources-2.4.34.5 (11 Jun 2007)
334
335 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
336 +hardened-sources-2.4.34.5.ebuild:
337 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
338
339 30 May 2007; Christian Heim <phreak@gentoo.org>
340 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
341 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
342 stale ebuild(s).
343
344 30 May 2007; Christian Heim <phreak@gentoo.org>
345 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
346 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
347 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
348 Doing some cleanups, remove stale ebuilds.
349
350 26 May 2007; Christian Heim <phreak@gentoo.org>
351 hardened-sources-2.6.21-r2.ebuild:
352 Fixing the grsecurity patch, had one '};' too much.
353
354 *hardened-sources-2.6.21-r2 (26 May 2007)
355
356 26 May 2007; Christian Heim <phreak@gentoo.org>
357 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
358 +hardened-sources-2.6.21-r2.ebuild:
359 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
360 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
361
362 *hardened-sources-2.6.20-r4 (26 May 2007)
363
364 26 May 2007; Christian Heim <phreak@gentoo.org>
365 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
366 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
367 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
368
369 15 May 2007; Christian Heim <phreak@gentoo.org>
370 hardened-sources-2.6.20-r3.ebuild:
371 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
372 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
373 grsecurity patch fail in that exact same hunk.
374
375 *hardened-sources-2.6.20-r3 (15 May 2007)
376
377 15 May 2007; Christian Heim <phreak@gentoo.org>
378 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
379 Revision bump, incorporating Linux 2.6.20.11.
380
381 *hardened-sources-2.6.21-r1 (11 May 2007)
382
383 11 May 2007; Christian Heim <phreak@gentoo.org>
384 +hardened-sources-2.6.21-r1.ebuild:
385 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
386 mentioned in #177234.
387
388 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
389 files/digest-hardened-sources-2.6.21, Manifest:
390 Fix Manifest/digest for linux-2.6.21.tar.bz2
391
392 06 May 2007; Christian Heim <phreak@gentoo.org>
393 hardened-sources-2.6.21.ebuild:
394 Bumping the hardened-patches version, needed for the fix for #177234.
395
396 *hardened-sources-2.6.21 (02 May 2007)
397
398 02 May 2007; Christian Heim <phreak@gentoo.org>
399 +hardened-sources-2.6.21.ebuild:
400 Version bump, Linux 2.6.21-hardened.
401
402 29 Apr 2007; Christian Heim <phreak@gentoo.org>
403 hardened-sources-2.6.20-r2.ebuild:
404 Adding ~ia64 on Ned's request.
405
406 29 Apr 2007; Christian Heim <phreak@gentoo.org>
407 hardened-sources-2.6.20-r2.ebuild:
408 Fixing the included grsecurity patch, wasn't alligning due to the Index:
409 header line(s).
410
411 29 Apr 2007; Christian Heim <phreak@gentoo.org>
412 hardened-sources-2.6.20-r2.ebuild:
413 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
414
415 *hardened-sources-2.6.20-r2 (10 Apr 2007)
416
417 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
418 +hardened-sources-2.6.20-r2.ebuild:
419 Version bump, on behalf of phreak
420
421 *hardened-sources-2.6.20-r1 (04 Apr 2007)
422
423 04 Apr 2007; Christian Heim <phreak@gentoo.org>
424 +hardened-sources-2.6.20-r1.ebuild:
425 Revision bump, grabbing a newer grsecurity snapshot.
426
427 *hardened-sources-2.6.20 (25 Mar 2007)
428
429 25 Mar 2007; Christian Heim <phreak@gentoo.org>
430 +hardened-sources-2.6.20.ebuild:
431 Finally a hardened-sources version for 2.6.20; many people have been waiting
432 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
433 testbox.
434
435 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
436 hardened-sources-2.6.18-r6.ebuild:
437 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
438
439 *hardened-sources-2.6.18-r6 (16 Mar 2007)
440
441 16 Mar 2007; Christian Heim <phreak@gentoo.org>
442 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
443 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
444 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
445 supposed to be.
446
447 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
448 Fixing the Manifest, the previous one was broken (as in still had the
449 deleted ebuild in it).
450
451 06 Mar 2007; Christian Heim <phreak@gentoo.org>
452 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
453 +hardened-sources-2.6.18-r5.ebuild:
454 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
455 Linux 2.6.18.8. Also cleaning up the older version.
456
457 *hardened-sources-2.6.18-r5 (06 Mar 2007)
458
459 06 Mar 2007; Christian Heim <phreak@gentoo.org>
460 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
461 +hardened-sources-2.6.18-r5.ebuild:
462 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
463 Linux 2.6.18.8. Also cleaning up the older version.
464
465 24 Feb 2007; Christian Heim <phreak@gentoo.org>
466 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
467 -hardened-sources-2.6.19-r5.ebuild:
468 Removing some of the old version, that didn't work.
469
470 *hardened-sources-2.6.19-r6 (12 Feb 2007)
471
472 12 Feb 2007; Christian Heim <phreak@gentoo.org>
473 +hardened-sources-2.6.19-r6.ebuild:
474 Revision bump, including a new grsec version fixing #166235.
475
476 *hardened-sources-2.4.34 (24 Jan 2007)
477
478 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
479 Manifest:
480 updating Manifest with checksums of new tarball and ebuild
481
482 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
483 +hardened-sources-2.4.34.ebuild:
484 I added new hardened sources 2.4 update, this is a critical path
485 security bugfix - all users of h-s are strongly advised
486 to update their existing hardened sources to this version.
487 It contains a fix for a kernel vulnerability that is pertaining
488 to the PaX changes to virtual memory management, possibly leading
489 to a local kernel exploit ... see grsecurity.net forums and homepage
490
491 23 Jan 2007; Christian Heim <phreak@gentoo.org>
492 files/digest-hardened-sources-2.6.19-r5, Manifest:
493 Fixing the patch-tarball digest.
494
495 *hardened-sources-2.6.19-r5 (23 Jan 2007)
496
497 23 Jan 2007; Christian Heim <phreak@gentoo.org>
498 +hardened-sources-2.6.19-r5.ebuild:
499 Revision bump, closing the recently discovered PaX expand_stack()
500 vulnerability.
501
502 *hardened-sources-2.6.19-r4 (14 Jan 2007)
503
504 14 Jan 2007; Christian Heim <phreak@gentoo.org>
505 +hardened-sources-2.6.19-r4.ebuild:
506 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
507 dropping the randomized PID feature.
508
509 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
510 hardened-sources-2.4.33.4.ebuild:
511 stable x86, bug #161171
512
513 *hardened-sources-2.6.19-r3 (27 Dec 2006)
514
515 27 Dec 2006; Christian Heim <phreak@gentoo.org>
516 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
517 Revision bump for bug #157186 and #158786.
518
519 *hardened-sources-2.6.18-r4 (27 Dec 2006)
520
521 27 Dec 2006; Christian Heim <phreak@gentoo.org>
522 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
523 Revision bump for bug #157186.
524
525 *hardened-sources-2.6.19-r2 (23 Dec 2006)
526
527 23 Dec 2006; Christian Heim <phreak@gentoo.org>
528 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
529 Revision bump to pull in genpatches-2.6.19-3 for #157186.
530
531 17 Dec 2006; Christian Heim <phreak@gentoo.org>
532 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
533 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
534 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
535 hardened-sources-2.6.19-r1.ebuild:
536 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
537 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
538
539 *hardened-sources-2.4.33.4 (17 Dec 2006)
540
541 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
542 +hardened-sources-2.4.33.4.ebuild:
543 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
544 and quilting
545
546 *hardened-sources-2.6.19-r1 (14 Dec 2006)
547
548 14 Dec 2006; Christian Heim <phreak@gentoo.org>
549 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
550 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
551 for reporting).
552
553 *hardened-sources-2.6.19 (13 Dec 2006)
554
555 13 Dec 2006; Christian Heim <phreak@gentoo.org>
556 +hardened-sources-2.6.19.ebuild:
557 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
558 Brad for providing that prompt update.
559
560 *hardened-sources-2.6.18-r3 (13 Dec 2006)
561
562 13 Dec 2006; Christian Heim <phreak@gentoo.org>
563 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
564 +hardened-sources-2.6.18-r3.ebuild:
565 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
566 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
567
568 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
569 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
570
571 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
572 Stable on ppc wrt bug 157356
573
574 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
575 hardened-sources-2.6.18.ebuild:
576 stable x86, bug #157356
577
578 *hardened-sources-2.6.18-r2 (06 Dec 2006)
579
580 06 Dec 2006; Christian Heim <phreak@gentoo.org>
581 +hardened-sources-2.6.18-r2.ebuild:
582 Revision bump, including 2.6.18.5 (via genpatches) and
583 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
584 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
585 redesign.
586
587 06 Dec 2006; Christian Heim <phreak@gentoo.org>
588 hardened-sources-2.6.18.ebuild:
589 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
590 of Mike Doty).
591
592 *hardened-sources-2.6.18-r1 (23 Nov 2006)
593
594 23 Nov 2006; Christian Heim <phreak@gentoo.org>
595 +hardened-sources-2.6.18-r1.ebuild:
596 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
597
598 *hardened-sources-2.6.18 (11 Nov 2006)
599
600 11 Nov 2006; Christian Heim <phreak@gentoo.org>
601 +hardened-sources-2.6.18.ebuild:
602 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
603
604 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
605 - mark amd64 stable also. bug #151877
606
607 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
608 - mark 2.6.17-r1 stable
609
610 27 Aug 2006; Christian Heim <phreak@gentoo.org>
611 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
612 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
613
614 *hardened-sources-2.6.17-r1 (26 Aug 2006)
615
616 26 Aug 2006; Christian Heim <phreak@gentoo.org>
617 +hardened-sources-2.6.17-r1.ebuild:
618 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
619 grsecurity patch.
620
621 *hardened-sources-2.6.17 (17 Aug 2006)
622
623 17 Aug 2006; Christian Heim <phreak@gentoo.org>
624 +hardened-sources-2.6.17.ebuild:
625 Bumping the hardened-sources-2.6 series to 2.6.17, using
626 genpatches-2.6.17-6.base.
627
628 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
629 - stable on x86 and amd64
630
631 *hardened-sources-2.6.16-r11 (15 Jul 2006)
632
633 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
634 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
635 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
636 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
637 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
638 crusty ebuilds
639
640 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
641 hardened-sources-2.6.16-r10.ebuild:
642 marking stable on x86 and amd64
643
644 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
645 - 2.4.32-r6 stable on x86. RSBAC state unknown
646
647 *hardened-sources-2.4.32-r7 (10 Jul 2006)
648
649 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
650 +hardened-sources-2.4.32-r7.ebuild:
651 Bump PaX for RSBAC to test-17
652
653 *hardened-sources-2.6.16-r9 (03 Jul 2006)
654
655 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
656 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
657 hardened-sources-2.6.16 bump to latest -base.
658
659 *hardened-sources-2.4.32-r6 (30 Jun 2006)
660
661 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
662 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
663 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
664 sysctl controlable resource logging
665
666 *hardened-sources-2.6.16-r7 (05 Jun 2006)
667
668 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
669 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
670 push new 2.6.16 release in preparation for stable
671
672 22 May 2006; <solar@gentoo.org> :
673 - redigest bug 134002
674
675 *hardened-sources-2.4.32-r5 (16 May 2006)
676
677 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
678 +hardened-sources-2.4.32-r5.ebuild:
679 Fixes rsbac common patching (new patch in new -r5 patchset)
680
681 *hardened-sources-2.4.32-r4 (13 May 2006)
682
683 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
684 +hardened-sources-2.4.32-r4.ebuild:
685 - security bumps
686
687 *hardened-sources-2.6.16-r6 (03 May 2006)
688
689 03 May 2006; John Mylchreest <johnm@gentoo.org>
690 +hardened-sources-2.6.16-r6.ebuild:
691 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
692
693 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
694 hardened-sources-2.6.14-r8.ebuild:
695 fix x86_64 build problem, this will delay the digest issue again for a short
696 while but it will sort itself out
697
698 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
699 hardened-sources-2.6.14-r8.ebuild:
700 bump hardened patchset
701
702 27 Apr 2006; Alec Warner <antarus@gentoo.org>
703 files/digest-hardened-sources-2.4.32-r2,
704 files/digest-hardened-sources-2.4.32-r3,
705 files/digest-hardened-sources-2.6.14-r8, Manifest:
706 Fixing duff SHA256 digests: Bug # 131293
707
708 *hardened-sources-2.6.16-r5 (27 Apr 2006)
709
710 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
711 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
712 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
713 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
714 cleanup of old uneccessary sources
715
716 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
717 fix digest
718
719 *hardened-sources-2.6.14-r8 (20 Apr 2006)
720
721 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
722 +hardened-sources-2.6.14-r8.ebuild:
723 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
724
725 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
726 Turning on gpg-signing again, and recomitting
727
728 *hardened-sources-2.6.16-r4 (20 Apr 2006)
729
730 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
731 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
732 +hardened-sources-2.6.16-r4.ebuild:
733 Fix numerous security vulns
734
735 *hardened-sources-2.4.32-r3 (16 Apr 2006)
736
737 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
738 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
739 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
740 - security bump for bug #112791. Removed old ebuilds
741
742 *hardened-sources-2.6.16-r3 (15 Apr 2006)
743
744 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
745 +hardened-sources-2.6.16-r3.ebuild:
746 Removing silly localversion which I missed
747
748 *hardened-sources-2.6.14-r7 (14 Apr 2006)
749
750 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
751 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
752 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
753
754 *hardened-sources-2.6.16-r2 (13 Apr 2006)
755
756 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
757 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
758 +hardened-sources-2.6.16-r2.ebuild:
759 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
760 labels, dropping USERGROUP define fixes, since these were merged mainstream.
761
762 *hardened-sources-2.6.16-r1 (11 Apr 2006)
763
764 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
765 +hardened-sources-2.6.16-r1.ebuild:
766 Bumping to include ppc build fix and 2.6.16.3
767
768 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
769 hardened-sources-2.6.14-r6.ebuild:
770 Stable on x86; bug #127718
771
772 *hardened-sources-2.6.16 (31 Mar 2006)
773
774 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
775 +hardened-sources-2.6.16.ebuild:
776 Bumping to new version of grsec, and kernel base. New squashfs. Based on
777 2.6.16.1
778
779 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
780 hardened-sources-2.6.14-r6.ebuild:
781 Stable on amd64, bug 127718.
782
783 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
784 Stable on ppc. Bug #127718
785
786 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
787 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
788 -hardened-sources-2.6.14-r4.ebuild:
789 Cleanup.
790
791 *hardened-sources-2.6.14-r6 (15 Mar 2006)
792
793 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
794 +hardened-sources-2.6.14-r6.ebuild:
795 Fixes grsec policy recreation bug and adds a
796 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
797
798 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
799 - stable on x86
800
801 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
802 hardened-sources-2.6.14-r5.ebuild:
803 Stable on ppc.
804
805 *hardened-sources-2.6.14-r5 (01 Feb 2006)
806
807 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
808 +hardened-sources-2.6.14-r5.ebuild:
809 fixing every known exploit
810
811 *hardened-sources-2.4.32-r2 (26 Jan 2006)
812
813 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
814 +hardened-sources-2.4.32-r2.ebuild:
815 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
816
817 *hardened-sources-2.6.14-r4 (12 Jan 2006)
818
819 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
820 - version bump for new genpatches which fix up a few sec holes
821
822 *hardened-sources-2.4.32-r1 (05 Jan 2006)
823
824 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
825 - revision bump to add misc vital linux kernel security patches.
826
827 *hardened-sources-2.6.14-r3 (30 Dec 2005)
828
829 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
830 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
831 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
832
833 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
834 hardened-sources-2.6.14-r2.ebuild:
835 making x86 & amd64 stable following testing.
836
837 *hardened-sources-2.6.14-r2 (27 Dec 2005)
838
839 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
840 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
841 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
842 network hooks.
843
844 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
845 hardened-sources-2.6.14-r1.ebuild:
846 bumping to stable early for sec fix on x86 & amd64
847
848 *hardened-sources-2.6.14-r1 (05 Dec 2005)
849
850 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
851 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
852 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
853
854 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
855 - stable on x86 security bug #114227 CAN-2005-3257
856
857 *hardened-sources-2.4.32 (19 Nov 2005)
858
859 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
860 +hardened-sources-2.4.32.ebuild:
861 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
862 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
863 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
864 rsbac >> /etc/portage/package.use)
865
866 *hardened-sources-2.6.14 (14 Nov 2005)
867
868 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
869 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
870 Bumping 2.6 series to 2.6.14.2
871
872 *hardened-sources-2.6.13-r2 (20 Oct 2005)
873
874 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
875 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
876 +hardened-sources-2.6.13-r2.ebuild:
877 Fixes minor build error in ppc.
878
879 *hardened-sources-2.6.13-r1 (17 Oct 2005)
880
881 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
882 +hardened-sources-2.6.13-r1.ebuild:
883 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
884 2.6.13.4, fixes some major amd64 stability problems.
885
886 *hardened-sources-2.6.13 (16 Sep 2005)
887
888 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
889 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
890 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
891 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
892 users should test this thoroughly.
893
894 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
895 - stable on x86
896
897 *hardened-sources-2.6.11-r15 (27 Jun 2005)
898
899 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
900 +hardened-sources-2.6.11-r15.ebuild:
901 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
902 grsec redefining curr_ip struct.
903
904 *hardened-sources-2.4.31 (20 Jun 2005)
905
906 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
907 initial import of 2.4.31 tree
908
909 *hardened-sources-2.6.11-r14 (14 Jun 2005)
910
911 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
912 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
913 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
914 naming scheme to abide by genpatches
915
916 *hardened-sources-2.6.11-r13 (18 May 2005)
917
918 18 May 2005; John Mylchreest <johnm@gentoo.org>
919 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
920 Managed to mangle the Makefile patch from grsec, to miss out the grsec
921 target. sorry about that. Fixes bug #93022
922
923 *hardened-sources-2.6.11-r12 (17 May 2005)
924
925 17 May 2005; John Mylchreest <johnm@gentoo.org>
926 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
927 +hardened-sources-2.6.11-r12.ebuild:
928 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
929 merges in genpatches-base
930
931 *hardened-sources-2.6.11-r12 (17 May 2005)
932
933 17 May 2005; John Mylchreest <johnm@gentoo.org>
934 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
935 +hardened-sources-2.6.11-r12.ebuild:
936 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
937 merges in genpatches-base
938
939 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
940 -files/2.4.27-cmdline-race.patch,
941 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
942 -files/2.4.28-grsec-binfmt_a.out.patch,
943 -files/2.4.28-grsec-cmdline-race.patch,
944 -files/2.4.28-selinux-binfmt_a.out.patch,
945 -files/2.4.28-selinux-cmdline-race.patch,
946 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
947 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
948 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
949 cleanup..
950
951 *hardened-sources-2.4.30-r1 (21 Apr 2005)
952
953 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
954 - disable aout by default
955
956 *hardened-sources-2.4.30 (18 Apr 2005)
957
958 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
959 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
960 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
961 use
962
963 *hardened-sources-2.4.29 (30 Mar 2005)
964
965 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
966 +hardened-sources-2.4.29.ebuild:
967 New hardened-patches-2.4-29.0 patchball.
968 Removed SELinux support, upgraded GRSecurity to 2.1.4.
969
970 *hardened-sources-2.4.28-r5 (06 Mar 2005)
971
972 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
973 +hardened-sources-2.4.28-r5.ebuild:
974 Added a fix for a PaX vulnerability.
975
976 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
977 hardened-sources-2.4.28-r4.ebuild:
978 Stable on x86
979
980 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
981 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
982 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
983 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
984 - fixed/added RDEPEND= in all kernel-2 ebuilds
985
986 *hardened-sources-2.4.28-r4 (21 Jan 2005)
987
988 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
989 +hardened-sources-2.4.28-r4.ebuild:
990 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
991 backport of neighbour hash updates.
992
993 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
994 hardened-sources-2.4.28-r3.ebuild:
995 Stable on x86
996
997 *hardened-sources-2.6.10-r3 (20 Jan 2005)
998
999 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1000 +hardened-sources-2.6.10-r3.ebuild:
1001 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1002 in 2005.0
1003
1004 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1005 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1006 hardened-sources-2.4.28-r2.ebuild:
1007 Mark stable on x86
1008
1009 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1010
1011 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1012 +hardened-sources-2.4.28-r3.ebuild:
1013 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1014
1015 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1016 hardened-sources-2.4.28.ebuild:
1017 Mark stable on x86.
1018
1019 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1020
1021 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1022 +hardened-sources-2.4.28-r2.ebuild:
1023 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1024 Mazinger for grsecurity patches as well.
1025
1026 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1027
1028 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1029 Security bump. Thank tocharian for rolling a new patchset...
1030
1031 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1032 +files/2.4.28-grsec-cmdline-race.patch,
1033 +files/2.4.28-selinux-binfmt_a.out.patch,
1034 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1035 - Round up remaining security patches that appear to be missing in 2.4.28. -
1036 PaX standalone updated to current. hgpv=28.1
1037
1038 *hardened-sources-2.4.28 (28 Nov 2004)
1039
1040 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1041 security bump. Thank tocharian for rolling a new patchset
1042
1043 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1044
1045 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1046 +hardened-sources-2.4.27-r3.ebuild:
1047 Applies the new 2.4-27.2 patchball which updates
1048 GRSecurity to the 2.0.1 version.
1049
1050 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1051
1052 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1053 +hardened-sources-2.4.27-r2.ebuild:
1054 Version bump.
1055 This version uses the new 2.4-27.1 patchball which updates
1056 both the SELinux PaX hooks patch and the SELinux headers.
1057
1058 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1059
1060 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1061 +hardened-sources-2.4.27-r1.ebuild,
1062 -hardened-sources-2.4.27.ebuild,
1063 +files/2.4.27-cmdline-race.patch:
1064 Version bump, fix for cmdline race. See bug #59905.
1065
1066 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1067
1068 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1069 +hardened-sources-2.4.26-r6.ebuild,
1070 -hardened-sources-2.4.26-r5.ebuild,
1071 -hardened-sources-2.4.26-r4.ebuild,
1072 +files/2.4.26-cmdline-race.patch:
1073 Version bump, fix for cmdline race. See bug #59905.
1074
1075 *hardened-sources-2.4.27 (08 Aug 2004)
1076
1077 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1078 +hardened-sources-2.4.27.ebuild,
1079 +files/2.4.27-CAN-2004-0394.patch:
1080 Ported the patchball to the 2.4.27 kernel version.
1081
1082 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1083
1084 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1085 +hardened-sources-2.4.26-r5.ebuild:
1086 Updated to use the new hardened-patches-2.4-26.1 patchball.
1087 It adds the following features:
1088 - Squashfs
1089 - Ebtables
1090 - Netdev random (core+drivers)
1091 - Watchdog Timer (WDT) fix.
1092
1093 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1094
1095 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1096 +hardened-sources-2.4.26-r4.ebuild,
1097 +files/2.4.26-CAN-2004-0415.patch,
1098 -hardened-sources-2.4.26-3:
1099 Version bump, fix for CAN 0415, see bug #59378.
1100
1101 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1102
1103 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1104 +hardened-sources-2.4.26-r3.ebuild,
1105 +files/2.4.26-CAN-2004-0497.patch,
1106 -hardened-sources-2.4.26-r2.ebuild:
1107 Version bump, fixed CAN 0497, see bug #56171.
1108
1109 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1110
1111 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1112 +hardened-sources-2.4.26-r2.ebuild,
1113 +files/2.4.26-CAN-2004-0495.patch,
1114 +files/2.4.26-CAN-2004-0535.patch,
1115 -hardened-sources-2.4.26-r1.ebuild:
1116 Fixes for both CAN 0495 and 0535, see bug #54976
1117
1118 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1119 hardened-sources-2.4.26-r1.ebuild:
1120 QA - fix use invocation
1121
1122 *hardened-sources-2.4.26-r1 (22 June 2004)
1123
1124 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1125 +hardened-sources-2.4.26-r1.ebuild,
1126 +files/2.4.26-CAN-2004-0394.patch,
1127 +files/2.4.26-signal-race.patch,
1128 -hardened-sources-2.4.26.ebuild,
1129 -hardened-sources-2.4.24-r3.ebuild:
1130 Version bump for the CAN-2004-0394 issue and bug #53804
1131 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1132
1133
1134 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1135 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1136 Masked hardened-sources-2.4.26.ebuild broken for ppc
1137
1138 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1139 hardened-sources-2.4.24-r3.ebuild:
1140 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1141
1142 *hardened-sources-2.4.26 (29 May 2004)
1143
1144 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1145 +hardened-sources-2.4.26.ebuild:
1146 Updated hardened-sources for the 2.4.26 kernel
1147 Removed broken components, updated almost everything.
1148
1149 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1150
1151 17 Apr 2004; <plasmaroo@gentoo.org>
1152 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1153 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1154 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1155 +hardened-sources-2.4.24-r3.ebuild:
1156 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1157 vulnerabilities. Old revisions removed.
1158
1159 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1160
1161 15 Apr 2004; <plasmaroo@gentoo.org>
1162 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1163 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1164 Version bump for the CAN-2004-0109 issue; bug #47881.
1165
1166 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1167 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1168 Add eutils to inherit.
1169
1170 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1171
1172 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1173 files/hardened-sources-2.4.24.munmap.patch:
1174 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1175
1176 *hardened-sources-2.4.24 (06 Feb 2004)
1177
1178 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1179 hardened-sources-2.4.24.ebuild:
1180 Version bump, updated most of the components.
1181 This release includes the following:
1182
1183 - Hardened security
1184 - Netfilter patch-o-matic 20031219
1185 - FreeSWAN 2.04 & x509 1.4.8
1186 - EVMS 2.2.2
1187 - XFS 1.3.1
1188 - cryptoloop jari
1189 - grsecurity 2.0-rc4
1190 - SELinux
1191 - PaX 200402060000
1192 - PaX Obscurity 200308302223
1193 - Others...
1194
1195 Neither -ck nor systrace are included anymore.
1196
1197 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1198
1199 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1200 hardened-sources-2.4.22-r2.ebuild:
1201 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1202
1203 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1204
1205 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1206 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1207
1208 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1209 hardened-sources-2.4.22-r1.ebuild:
1210 Version bump for the 'do_brk' vulnerability.
1211
1212 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1213 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1214 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1215 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1216 Fix the 'do_brk' vulnerability.
1217
1218 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1219 hardened-sources-2.4.22.ebuild:
1220 - Removed the src_install() portion for SELinux flask
1221 components. These are no longer handled in the kernel
1222 so this code was not necessary.
1223
1224 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1225 New 2.4.22 based hardened-sources thanks to
1226 Phil West <p.west@computer.org>.
1227
1228 These sources include:
1229 - New SELinux API
1230 - Updated CK-base
1231 - Updated GRSec
1232 - Systrace
1233 - SuperFreeS/WAN 1.99.8
1234 - Propolice kernel build support
1235 - EVMS
1236 - Other various security related patches
1237
1238 *hardened-sources-2.4.21 (14 Sep 2003)
1239
1240 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1241 Updated hardened-sources based on the 2.4.21 Linux kernel.
1242 This includes updates to most major components such as:
1243 - ck-base-0306300059
1244 - selinux-2.4-2003071106
1245 - grsecurity-2.0-rc1
1246 - Updated IPTables patch-o-matic
1247 - Updated SuperFreeS/WAN
1248
1249 Thanks to Phil West <pwest@computer.org> for his work in getting this
1250 updated patch set ready for the 2.4.21 based kernel.
1251
1252 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1253 Initial import of hardened-sources-2.4.20-r4. This revision
1254 includes only a few changes, but one of these is an important
1255 security fix. It is recommended all users of hardened-sources
1256 upgrade to this release.
1257
1258 - ioperm bug fix
1259 - fixed compilation failure when building without GRSec
1260
1261 SAL (Secure Auditing for Linux) is NOT included in this revision
1262 due to time constraints, but is planned for inclusion in the near
1263 future.
1264
1265 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1266
1267 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1268 hardened-sources-2.4.20-r3.ebuild:
1269 Add Header...
1270
1271 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1272 hardened-sources-2.4.20-r3.ebuild:
1273 Removed warnings from ebuild. This kernel should be safe to
1274 use at this point.
1275
1276 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1277
1278 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1279 hardened-sources-2.4.20-r3.ebuild:
1280 New revision. Includes the following changes over -r2:
1281
1282 - ck7-base (O(1), preempt, low latency)
1283 - Super FreeS/WAN 1.99.7rc2
1284 - PaX for the LSM/SELinux branch
1285 - GRSecurity 2.0-pre4 (role based access control)
1286 - Systrace 1.3
1287 - EXT3 fixes
1288 - EVMS 2.0.1
1289 - GCC 3.1+ compile optimizations
1290 - ProPolice kernel build support
1291 - Hashing table security fixes
1292
1293 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1294
1295 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1296 Initial import of hardened-sources-r2. This new
1297 ebuild includes many new performance and security
1298 related patches. As in -r1, it will patch in
1299 LSM/SELinux if "selinux" is in USE, otherwise it
1300 will patch in GRSecurity. The following patches
1301 are included in this revision:
1302
1303 - O(1) Scheduler, Low Latency, and Preempt
1304 (pulled from the base CK patch)
1305 - ptrace exploit patch for the LSM kernel
1306 (the GRSec patch already fixes this)
1307 - LSM 2.4-2003040709
1308 - SELinux 2.4-2003040709
1309 - Systrace v1.2
1310 - IPTables patch-o-matic base patches - 20030107
1311 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1312 - Super FreeS/WAN 1.99.6.1
1313 - GRSecurity 1.9.9g
1314 - MPPE
1315 - EXT3 data journal fix
1316 - CIPE 1.5.4
1317
1318 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1319 hardened-sources-2.4.20-r1.ebuild, manifest:
1320 Updated to install flask components correctly for selinux.
1321
1322 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1323 hardened-sources-2.4.20-r1.ebuild:
1324 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1325 is patched in instead. Ptrace patches for selinux have also been added. In
1326 either case, systrace support will be patched in as well.
1327
1328 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1329 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1330 Revision bump for new sources.
1331
1332 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1333 hardened-sources-2.4.20-r1.ebuild:
1334 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1335
1336 *hardened-sources-2.4.20 (30 Mar 2003)
1337
1338 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1339 hardened-sources-2.4.20.ebuild:
1340 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20