/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.216 - (show annotations) (download)
Tue Apr 8 16:46:08 2008 UTC (6 years, 7 months ago) by nixnut
Branch: MAIN
Changes since 1.215: +4 -1 lines
Stable on ppc wrt bug #213255
(Portage version: 2.1.5_rc2)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.215 2008/04/07 21:04:27 solar Exp $
4
5 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
6 Stable on ppc wrt bug #213255
7
8 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
9 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
10 - stable on x86/amd64 per request. Removed obsolete ebuilds
11
12 *hardened-sources-2.6.24 (07 Apr 2008)
13
14 07 Apr 2008; Christian Heim <phreak@gentoo.org>
15 +hardened-sources-2.6.24.ebuild:
16 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
17 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
18 for the many contributions and their continued effort in #216612) based on
19 2.6.24 and genpatches-2.6.24-5.
20
21 The current ebuild/patchset contains these things:
22 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
23 * Introduces bespoke server and workstation oriented security levels
24 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
25
26 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
27 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
28 maintaining it).
29
30 24 Mar 2008; Christian Heim <phreak@gentoo.org>
31 hardened-sources-2.4.35-r2.ebuild:
32 Fixing SRC_URI for 2.4.35-r2.
33
34 *hardened-sources-2.6.23-r9 (22 Mar 2008)
35
36 22 Mar 2008; Christian Heim <phreak@gentoo.org>
37 +hardened-sources-2.6.23-r9.ebuild:
38 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
39 * Change the default GIDs for some grsecurity options
40 * Revamp the Hardened [Gentoo] security level and make it the default level
41 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
42 * Fix a recursive lock -- call to capable() within ptrace_attach()
43 * Fix bug that allows audit and iscsi operations to be controlled via netlink
44
45 *hardened-sources-2.6.23-r8 (27 Feb 2008)
46
47 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
48 - version bump from Kerin Millar bug 210026
49
50 17 Feb 2008; <solar@gentoo.org> metadata.xml,
51 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
52 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
53 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
54 - stable on x86 and remove old ebuilds
55
56 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
57 - stable on amd64 per request of amd64 lead
58
59 *hardened-sources-2.6.23-r7 (11 Feb 2008)
60
61 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
62 - version bump from kerin.millar
63 Changes:
64
65 * Bump to genpatches-base-2.6.23-9
66 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
67 * Disables COMPAT_VDSO in x86/defconfig
68 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
69
70 25 Jan 2008; Christian Heim <phreak@gentoo.org>
71 -hardened-sources-2.6.22-r8.ebuild:
72 Cleaning up old versions.
73
74 *hardened-sources-2.6.23-r6 (25 Jan 2008)
75
76 25 Jan 2008; Christian Heim <phreak@gentoo.org>
77 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
78 Revision bump, pulling in the latest genpatches.
79
80 *hardened-sources-2.6.23-r5 (24 Dec 2007)
81
82 24 Dec 2007; Christian Heim <phreak@gentoo.org>
83 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
84 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
85 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
86 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
87
88 24 Dec 2007; Christian Heim <phreak@gentoo.org>
89 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
90 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
91 -hardened-sources-2.6.23-r3.ebuild:
92 Cleaning out some unused, old versions.
93
94 24 Dec 2007; Christian Heim <phreak@gentoo.org>
95 hardened-sources-2.6.23-r4.ebuild:
96 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
97 in the tree for long, but there isn't much of a difference between this and
98 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
99
100 *hardened-sources-2.6.23-r4 (23 Dec 2007)
101
102 23 Dec 2007; Christian Heim <phreak@gentoo.org>
103 +hardened-sources-2.6.23-r4.ebuild:
104 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
105
106 *hardened-sources-2.6.23-r3 (04 Dec 2007)
107
108 04 Dec 2007; Christian Heim <phreak@gentoo.org>
109 +hardened-sources-2.6.23-r3.ebuild:
110 Revision bump, pulling in 2.6.23.9.
111
112 *hardened-sources-2.6.23-r2 (25 Nov 2007)
113
114 25 Nov 2007; Christian Heim <phreak@gentoo.org>
115 +hardened-sources-2.6.23-r2.ebuild:
116 Updated patchset, thanks to solar.
117
118 *hardened-sources-2.6.23-r1 (31 Oct 2007)
119
120 31 Oct 2007; Christian Heim <phreak@gentoo.org>
121 +hardened-sources-2.6.23-r1.ebuild:
122 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
123
124 29 Oct 2007; <solar@gentoo.org> metadata.xml:
125 - update metadata.xml
126
127 25 Oct 2007; Christian Heim <phreak@gentoo.org>
128 hardened-sources-2.6.22-r8.ebuild:
129 Marking 2.6.22-r8 stable on amd64 and x86.
130
131 21 Oct 2007; Christian Heim <phreak@gentoo.org>
132 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
133 -hardened-sources-2.6.21-r4.ebuild:
134 Removing old ebuilds.
135
136 *hardened-sources-2.4.35-r2 (21 Oct 2007)
137
138 21 Oct 2007; Christian Heim <phreak@gentoo.org>
139 +hardened-sources-2.4.35-r2.ebuild:
140 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
141 patches.
142
143 *hardened-sources-2.6.22-r8 (21 Oct 2007)
144
145 21 Oct 2007; Christian Heim <phreak@gentoo.org>
146 +hardened-sources-2.6.22-r8.ebuild:
147 Yet another new patch, hopefully fixing the remaining issues we had w/
148 2.6.22. Candidate for stabling.
149
150 *hardened-sources-2.6.23 (13 Oct 2007)
151
152 13 Oct 2007; Christian Heim <phreak@gentoo.org>
153 +hardened-sources-2.6.23.ebuild:
154 Initial hardened-sources-2.6.23. If people still have problems w/ bug
155 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
156
157 11 Oct 2007; Christian Heim <phreak@gentoo.org>
158 hardened-sources-2.6.20-r10.ebuild:
159 Pulling in yet another new genpatches version, fixing the PWC bug for real.
160
161 04 Oct 2007; Christian Heim <phreak@gentoo.org>
162 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
163 Removing old versions.
164
165 *hardened-sources-2.6.22-r7 (01 Oct 2007)
166
167 01 Oct 2007; Christian Heim <phreak@gentoo.org>
168 +hardened-sources-2.6.22-r7.ebuild:
169 Revision bump, pulling in a newer patch. Should fix #194276.
170
171 30 Sep 2007; Christian Heim <phreak@gentoo.org>
172 hardened-sources-2.6.20-r10.ebuild:
173 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
174 Mike Doty).
175
176 *hardened-sources-2.6.22-r6 (26 Sep 2007)
177
178 26 Sep 2007; Christian Heim <phreak@gentoo.org>
179 +hardened-sources-2.6.22-r6.ebuild:
180 Revision bump, grabbing up till Linux 2.6.22.9.
181
182 24 Sep 2007; Christian Heim <phreak@gentoo.org>
183 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
184 Cleaning up further.
185
186 *hardened-sources-2.6.20-r10 (24 Sep 2007)
187
188 24 Sep 2007; Christian Heim <phreak@gentoo.org>
189 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
190 +hardened-sources-2.6.20-r10.ebuild:
191 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
192 revisions.
193
194 *hardened-sources-2.6.22-r5 (22 Sep 2007)
195
196 22 Sep 2007; Christian Heim <phreak@gentoo.org>
197 +hardened-sources-2.6.22-r5.ebuild:
198 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
199
200 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
201 Removing johnm from metadata.xml (see #186467 for reference).
202
203 *hardened-sources-2.6.22-r4 (17 Sep 2007)
204
205 17 Sep 2007; Christian Heim <phreak@gentoo.org>
206 +hardened-sources-2.6.22-r4.ebuild:
207 Revision bump, hopefully fixing all those weird PAX failures.
208
209 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
210 Updating the metadata.xml.
211
212 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
213 Removing tocharian from metadata due to his retirement (see #71718 for
214 reference).
215
216 *hardened-sources-2.6.20-r9 (30 Aug 2007)
217
218 30 Aug 2007; Christian Heim <phreak@gentoo.org>
219 +hardened-sources-2.6.20-r9.ebuild:
220 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
221
222 29 Aug 2007; Christian Heim <phreak@gentoo.org>
223 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
224 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
225 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
226 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
227 -hardened-sources-2.6.22-r2.ebuild:
228 Removing some redundant versions.
229
230 *hardened-sources-2.4.35-r1 (29 Aug 2007)
231
232 29 Aug 2007; Christian Heim <phreak@gentoo.org>
233 +hardened-sources-2.4.35-r1.ebuild:
234 Revision bump, new grsecurity patch.
235
236 *hardened-sources-2.6.20-r8 (26 Aug 2007)
237
238 26 Aug 2007; Christian Heim <phreak@gentoo.org>
239 +hardened-sources-2.6.20-r8.ebuild:
240 Revision bump for Linux 2.6.20.17.
241
242 *hardened-sources-2.6.22-r3 (22 Aug 2007)
243
244 22 Aug 2007; Christian Heim <phreak@gentoo.org>
245 +hardened-sources-2.6.22-r3.ebuild:
246 Revision bump for Linux 2.6.22.4.
247
248 16 Aug 2007; Christian Heim <phreak@gentoo.org>
249 hardened-sources-2.6.22-r2.ebuild:
250 Updated patchset, to fix the alignment against 2.6.22.3.
251
252 *hardened-sources-2.6.22-r2 (16 Aug 2007)
253
254 16 Aug 2007; Christian Heim <phreak@gentoo.org>
255 +hardened-sources-2.6.22-r2.ebuild:
256 Revision bump for Linux 2.6.22.3.
257
258 *hardened-sources-2.4.35 (16 Aug 2007)
259
260 16 Aug 2007; Christian Heim <phreak@gentoo.org>
261 +hardened-sources-2.4.35.ebuild:
262 Version bump, initial version for Linux 2.4.35.
263
264 *hardened-sources-2.6.21-r4 (16 Aug 2007)
265
266 16 Aug 2007; Christian Heim <phreak@gentoo.org>
267 +hardened-sources-2.6.21-r4.ebuild:
268 Revision bump for Linux 2.6.21.6.
269
270 *hardened-sources-2.6.20-r7 (16 Aug 2007)
271
272 16 Aug 2007; Christian Heim <phreak@gentoo.org>
273 +hardened-sources-2.6.20-r7.ebuild:
274 Revision bump for Linux 2.6.20.16.
275
276 *hardened-sources-2.6.22-r1 (13 Aug 2007)
277
278 13 Aug 2007; Christian Heim <phreak@gentoo.org>
279 +hardened-sources-2.6.22-r1.ebuild:
280 Yet another revision bump.
281
282 *hardened-sources-2.6.22 (10 Aug 2007)
283
284 10 Aug 2007; Christian Heim <phreak@gentoo.org>
285 +hardened-sources-2.6.22.ebuild:
286 Initial release for 2.6.22. If you are using hardened-sources on a desktop
287 machine (P4 or newer), be aware you might need to disable
288 CONFIG_PAX_PAGEEXEC.
289
290 04 Aug 2007; Christian Heim <phreak@gentoo.org>
291 hardened-sources-2.6.20-r6.ebuild:
292 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
293 2.6.20.15.
294
295 10 Jul 2007; Christian Heim <phreak@gentoo.org>
296 hardened-sources-2.6.20-r5.ebuild:
297 Marking hardened-sources-2.6.20-r5 stable on ppc.
298
299 10 Jul 2007; Christian Heim <phreak@gentoo.org>
300 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
301 Cleanup.
302
303 *hardened-sources-2.6.20-r6 (08 Jul 2007)
304
305 08 Jul 2007; Christian Heim <phreak@gentoo.org>
306 +hardened-sources-2.6.20-r6.ebuild:
307 Revision bump, grabbing yet another stable release.
308
309 17 Jun 2007; Christian Heim <phreak@gentoo.org>
310 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
311 -hardened-sources-2.6.21-r2.ebuild:
312 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
313 alpha stable KEYWORD by mistake.
314
315 17 Jun 2007; Christian Heim <phreak@gentoo.org>
316 hardened-sources-2.6.20-r5.ebuild:
317 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
318 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
319
320 *hardened-sources-2.6.21-r3 (12 Jun 2007)
321
322 12 Jun 2007; Christian Heim <phreak@gentoo.org>
323 +hardened-sources-2.6.21-r3.ebuild:
324 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
325 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
326 love.
327
328 *hardened-sources-2.6.20-r5 (11 Jun 2007)
329
330 11 Jun 2007; Christian Heim <phreak@gentoo.org>
331 +hardened-sources-2.6.20-r5.ebuild:
332 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
333 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
334 love.
335
336 *hardened-sources-2.4.34.5 (11 Jun 2007)
337
338 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
339 +hardened-sources-2.4.34.5.ebuild:
340 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
341
342 30 May 2007; Christian Heim <phreak@gentoo.org>
343 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
344 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
345 stale ebuild(s).
346
347 30 May 2007; Christian Heim <phreak@gentoo.org>
348 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
349 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
350 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
351 Doing some cleanups, remove stale ebuilds.
352
353 26 May 2007; Christian Heim <phreak@gentoo.org>
354 hardened-sources-2.6.21-r2.ebuild:
355 Fixing the grsecurity patch, had one '};' too much.
356
357 *hardened-sources-2.6.21-r2 (26 May 2007)
358
359 26 May 2007; Christian Heim <phreak@gentoo.org>
360 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
361 +hardened-sources-2.6.21-r2.ebuild:
362 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
363 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
364
365 *hardened-sources-2.6.20-r4 (26 May 2007)
366
367 26 May 2007; Christian Heim <phreak@gentoo.org>
368 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
369 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
370 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
371
372 15 May 2007; Christian Heim <phreak@gentoo.org>
373 hardened-sources-2.6.20-r3.ebuild:
374 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
375 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
376 grsecurity patch fail in that exact same hunk.
377
378 *hardened-sources-2.6.20-r3 (15 May 2007)
379
380 15 May 2007; Christian Heim <phreak@gentoo.org>
381 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
382 Revision bump, incorporating Linux 2.6.20.11.
383
384 *hardened-sources-2.6.21-r1 (11 May 2007)
385
386 11 May 2007; Christian Heim <phreak@gentoo.org>
387 +hardened-sources-2.6.21-r1.ebuild:
388 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
389 mentioned in #177234.
390
391 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
392 files/digest-hardened-sources-2.6.21, Manifest:
393 Fix Manifest/digest for linux-2.6.21.tar.bz2
394
395 06 May 2007; Christian Heim <phreak@gentoo.org>
396 hardened-sources-2.6.21.ebuild:
397 Bumping the hardened-patches version, needed for the fix for #177234.
398
399 *hardened-sources-2.6.21 (02 May 2007)
400
401 02 May 2007; Christian Heim <phreak@gentoo.org>
402 +hardened-sources-2.6.21.ebuild:
403 Version bump, Linux 2.6.21-hardened.
404
405 29 Apr 2007; Christian Heim <phreak@gentoo.org>
406 hardened-sources-2.6.20-r2.ebuild:
407 Adding ~ia64 on Ned's request.
408
409 29 Apr 2007; Christian Heim <phreak@gentoo.org>
410 hardened-sources-2.6.20-r2.ebuild:
411 Fixing the included grsecurity patch, wasn't alligning due to the Index:
412 header line(s).
413
414 29 Apr 2007; Christian Heim <phreak@gentoo.org>
415 hardened-sources-2.6.20-r2.ebuild:
416 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
417
418 *hardened-sources-2.6.20-r2 (10 Apr 2007)
419
420 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
421 +hardened-sources-2.6.20-r2.ebuild:
422 Version bump, on behalf of phreak
423
424 *hardened-sources-2.6.20-r1 (04 Apr 2007)
425
426 04 Apr 2007; Christian Heim <phreak@gentoo.org>
427 +hardened-sources-2.6.20-r1.ebuild:
428 Revision bump, grabbing a newer grsecurity snapshot.
429
430 *hardened-sources-2.6.20 (25 Mar 2007)
431
432 25 Mar 2007; Christian Heim <phreak@gentoo.org>
433 +hardened-sources-2.6.20.ebuild:
434 Finally a hardened-sources version for 2.6.20; many people have been waiting
435 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
436 testbox.
437
438 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
439 hardened-sources-2.6.18-r6.ebuild:
440 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
441
442 *hardened-sources-2.6.18-r6 (16 Mar 2007)
443
444 16 Mar 2007; Christian Heim <phreak@gentoo.org>
445 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
446 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
447 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
448 supposed to be.
449
450 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
451 Fixing the Manifest, the previous one was broken (as in still had the
452 deleted ebuild in it).
453
454 06 Mar 2007; Christian Heim <phreak@gentoo.org>
455 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
456 +hardened-sources-2.6.18-r5.ebuild:
457 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
458 Linux 2.6.18.8. Also cleaning up the older version.
459
460 *hardened-sources-2.6.18-r5 (06 Mar 2007)
461
462 06 Mar 2007; Christian Heim <phreak@gentoo.org>
463 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
464 +hardened-sources-2.6.18-r5.ebuild:
465 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
466 Linux 2.6.18.8. Also cleaning up the older version.
467
468 24 Feb 2007; Christian Heim <phreak@gentoo.org>
469 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
470 -hardened-sources-2.6.19-r5.ebuild:
471 Removing some of the old version, that didn't work.
472
473 *hardened-sources-2.6.19-r6 (12 Feb 2007)
474
475 12 Feb 2007; Christian Heim <phreak@gentoo.org>
476 +hardened-sources-2.6.19-r6.ebuild:
477 Revision bump, including a new grsec version fixing #166235.
478
479 *hardened-sources-2.4.34 (24 Jan 2007)
480
481 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
482 Manifest:
483 updating Manifest with checksums of new tarball and ebuild
484
485 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
486 +hardened-sources-2.4.34.ebuild:
487 I added new hardened sources 2.4 update, this is a critical path
488 security bugfix - all users of h-s are strongly advised
489 to update their existing hardened sources to this version.
490 It contains a fix for a kernel vulnerability that is pertaining
491 to the PaX changes to virtual memory management, possibly leading
492 to a local kernel exploit ... see grsecurity.net forums and homepage
493
494 23 Jan 2007; Christian Heim <phreak@gentoo.org>
495 files/digest-hardened-sources-2.6.19-r5, Manifest:
496 Fixing the patch-tarball digest.
497
498 *hardened-sources-2.6.19-r5 (23 Jan 2007)
499
500 23 Jan 2007; Christian Heim <phreak@gentoo.org>
501 +hardened-sources-2.6.19-r5.ebuild:
502 Revision bump, closing the recently discovered PaX expand_stack()
503 vulnerability.
504
505 *hardened-sources-2.6.19-r4 (14 Jan 2007)
506
507 14 Jan 2007; Christian Heim <phreak@gentoo.org>
508 +hardened-sources-2.6.19-r4.ebuild:
509 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
510 dropping the randomized PID feature.
511
512 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
513 hardened-sources-2.4.33.4.ebuild:
514 stable x86, bug #161171
515
516 *hardened-sources-2.6.19-r3 (27 Dec 2006)
517
518 27 Dec 2006; Christian Heim <phreak@gentoo.org>
519 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
520 Revision bump for bug #157186 and #158786.
521
522 *hardened-sources-2.6.18-r4 (27 Dec 2006)
523
524 27 Dec 2006; Christian Heim <phreak@gentoo.org>
525 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
526 Revision bump for bug #157186.
527
528 *hardened-sources-2.6.19-r2 (23 Dec 2006)
529
530 23 Dec 2006; Christian Heim <phreak@gentoo.org>
531 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
532 Revision bump to pull in genpatches-2.6.19-3 for #157186.
533
534 17 Dec 2006; Christian Heim <phreak@gentoo.org>
535 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
536 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
537 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
538 hardened-sources-2.6.19-r1.ebuild:
539 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
540 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
541
542 *hardened-sources-2.4.33.4 (17 Dec 2006)
543
544 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
545 +hardened-sources-2.4.33.4.ebuild:
546 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
547 and quilting
548
549 *hardened-sources-2.6.19-r1 (14 Dec 2006)
550
551 14 Dec 2006; Christian Heim <phreak@gentoo.org>
552 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
553 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
554 for reporting).
555
556 *hardened-sources-2.6.19 (13 Dec 2006)
557
558 13 Dec 2006; Christian Heim <phreak@gentoo.org>
559 +hardened-sources-2.6.19.ebuild:
560 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
561 Brad for providing that prompt update.
562
563 *hardened-sources-2.6.18-r3 (13 Dec 2006)
564
565 13 Dec 2006; Christian Heim <phreak@gentoo.org>
566 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
567 +hardened-sources-2.6.18-r3.ebuild:
568 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
569 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
570
571 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
572 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
573
574 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
575 Stable on ppc wrt bug 157356
576
577 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
578 hardened-sources-2.6.18.ebuild:
579 stable x86, bug #157356
580
581 *hardened-sources-2.6.18-r2 (06 Dec 2006)
582
583 06 Dec 2006; Christian Heim <phreak@gentoo.org>
584 +hardened-sources-2.6.18-r2.ebuild:
585 Revision bump, including 2.6.18.5 (via genpatches) and
586 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
587 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
588 redesign.
589
590 06 Dec 2006; Christian Heim <phreak@gentoo.org>
591 hardened-sources-2.6.18.ebuild:
592 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
593 of Mike Doty).
594
595 *hardened-sources-2.6.18-r1 (23 Nov 2006)
596
597 23 Nov 2006; Christian Heim <phreak@gentoo.org>
598 +hardened-sources-2.6.18-r1.ebuild:
599 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
600
601 *hardened-sources-2.6.18 (11 Nov 2006)
602
603 11 Nov 2006; Christian Heim <phreak@gentoo.org>
604 +hardened-sources-2.6.18.ebuild:
605 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
606
607 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
608 - mark amd64 stable also. bug #151877
609
610 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
611 - mark 2.6.17-r1 stable
612
613 27 Aug 2006; Christian Heim <phreak@gentoo.org>
614 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
615 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
616
617 *hardened-sources-2.6.17-r1 (26 Aug 2006)
618
619 26 Aug 2006; Christian Heim <phreak@gentoo.org>
620 +hardened-sources-2.6.17-r1.ebuild:
621 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
622 grsecurity patch.
623
624 *hardened-sources-2.6.17 (17 Aug 2006)
625
626 17 Aug 2006; Christian Heim <phreak@gentoo.org>
627 +hardened-sources-2.6.17.ebuild:
628 Bumping the hardened-sources-2.6 series to 2.6.17, using
629 genpatches-2.6.17-6.base.
630
631 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
632 - stable on x86 and amd64
633
634 *hardened-sources-2.6.16-r11 (15 Jul 2006)
635
636 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
637 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
638 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
639 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
640 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
641 crusty ebuilds
642
643 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
644 hardened-sources-2.6.16-r10.ebuild:
645 marking stable on x86 and amd64
646
647 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
648 - 2.4.32-r6 stable on x86. RSBAC state unknown
649
650 *hardened-sources-2.4.32-r7 (10 Jul 2006)
651
652 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
653 +hardened-sources-2.4.32-r7.ebuild:
654 Bump PaX for RSBAC to test-17
655
656 *hardened-sources-2.6.16-r9 (03 Jul 2006)
657
658 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
659 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
660 hardened-sources-2.6.16 bump to latest -base.
661
662 *hardened-sources-2.4.32-r6 (30 Jun 2006)
663
664 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
665 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
666 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
667 sysctl controlable resource logging
668
669 *hardened-sources-2.6.16-r7 (05 Jun 2006)
670
671 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
672 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
673 push new 2.6.16 release in preparation for stable
674
675 22 May 2006; <solar@gentoo.org> :
676 - redigest bug 134002
677
678 *hardened-sources-2.4.32-r5 (16 May 2006)
679
680 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
681 +hardened-sources-2.4.32-r5.ebuild:
682 Fixes rsbac common patching (new patch in new -r5 patchset)
683
684 *hardened-sources-2.4.32-r4 (13 May 2006)
685
686 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
687 +hardened-sources-2.4.32-r4.ebuild:
688 - security bumps
689
690 *hardened-sources-2.6.16-r6 (03 May 2006)
691
692 03 May 2006; John Mylchreest <johnm@gentoo.org>
693 +hardened-sources-2.6.16-r6.ebuild:
694 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
695
696 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
697 hardened-sources-2.6.14-r8.ebuild:
698 fix x86_64 build problem, this will delay the digest issue again for a short
699 while but it will sort itself out
700
701 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
702 hardened-sources-2.6.14-r8.ebuild:
703 bump hardened patchset
704
705 27 Apr 2006; Alec Warner <antarus@gentoo.org>
706 files/digest-hardened-sources-2.4.32-r2,
707 files/digest-hardened-sources-2.4.32-r3,
708 files/digest-hardened-sources-2.6.14-r8, Manifest:
709 Fixing duff SHA256 digests: Bug # 131293
710
711 *hardened-sources-2.6.16-r5 (27 Apr 2006)
712
713 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
714 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
715 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
716 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
717 cleanup of old uneccessary sources
718
719 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
720 fix digest
721
722 *hardened-sources-2.6.14-r8 (20 Apr 2006)
723
724 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
725 +hardened-sources-2.6.14-r8.ebuild:
726 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
727
728 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
729 Turning on gpg-signing again, and recomitting
730
731 *hardened-sources-2.6.16-r4 (20 Apr 2006)
732
733 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
734 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
735 +hardened-sources-2.6.16-r4.ebuild:
736 Fix numerous security vulns
737
738 *hardened-sources-2.4.32-r3 (16 Apr 2006)
739
740 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
741 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
742 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
743 - security bump for bug #112791. Removed old ebuilds
744
745 *hardened-sources-2.6.16-r3 (15 Apr 2006)
746
747 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
748 +hardened-sources-2.6.16-r3.ebuild:
749 Removing silly localversion which I missed
750
751 *hardened-sources-2.6.14-r7 (14 Apr 2006)
752
753 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
754 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
755 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
756
757 *hardened-sources-2.6.16-r2 (13 Apr 2006)
758
759 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
760 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
761 +hardened-sources-2.6.16-r2.ebuild:
762 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
763 labels, dropping USERGROUP define fixes, since these were merged mainstream.
764
765 *hardened-sources-2.6.16-r1 (11 Apr 2006)
766
767 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
768 +hardened-sources-2.6.16-r1.ebuild:
769 Bumping to include ppc build fix and 2.6.16.3
770
771 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
772 hardened-sources-2.6.14-r6.ebuild:
773 Stable on x86; bug #127718
774
775 *hardened-sources-2.6.16 (31 Mar 2006)
776
777 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
778 +hardened-sources-2.6.16.ebuild:
779 Bumping to new version of grsec, and kernel base. New squashfs. Based on
780 2.6.16.1
781
782 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
783 hardened-sources-2.6.14-r6.ebuild:
784 Stable on amd64, bug 127718.
785
786 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
787 Stable on ppc. Bug #127718
788
789 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
790 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
791 -hardened-sources-2.6.14-r4.ebuild:
792 Cleanup.
793
794 *hardened-sources-2.6.14-r6 (15 Mar 2006)
795
796 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
797 +hardened-sources-2.6.14-r6.ebuild:
798 Fixes grsec policy recreation bug and adds a
799 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
800
801 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
802 - stable on x86
803
804 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
805 hardened-sources-2.6.14-r5.ebuild:
806 Stable on ppc.
807
808 *hardened-sources-2.6.14-r5 (01 Feb 2006)
809
810 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
811 +hardened-sources-2.6.14-r5.ebuild:
812 fixing every known exploit
813
814 *hardened-sources-2.4.32-r2 (26 Jan 2006)
815
816 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
817 +hardened-sources-2.4.32-r2.ebuild:
818 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
819
820 *hardened-sources-2.6.14-r4 (12 Jan 2006)
821
822 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
823 - version bump for new genpatches which fix up a few sec holes
824
825 *hardened-sources-2.4.32-r1 (05 Jan 2006)
826
827 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
828 - revision bump to add misc vital linux kernel security patches.
829
830 *hardened-sources-2.6.14-r3 (30 Dec 2005)
831
832 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
833 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
834 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
835
836 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
837 hardened-sources-2.6.14-r2.ebuild:
838 making x86 & amd64 stable following testing.
839
840 *hardened-sources-2.6.14-r2 (27 Dec 2005)
841
842 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
843 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
844 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
845 network hooks.
846
847 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
848 hardened-sources-2.6.14-r1.ebuild:
849 bumping to stable early for sec fix on x86 & amd64
850
851 *hardened-sources-2.6.14-r1 (05 Dec 2005)
852
853 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
854 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
855 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
856
857 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
858 - stable on x86 security bug #114227 CAN-2005-3257
859
860 *hardened-sources-2.4.32 (19 Nov 2005)
861
862 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
863 +hardened-sources-2.4.32.ebuild:
864 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
865 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
866 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
867 rsbac >> /etc/portage/package.use)
868
869 *hardened-sources-2.6.14 (14 Nov 2005)
870
871 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
872 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
873 Bumping 2.6 series to 2.6.14.2
874
875 *hardened-sources-2.6.13-r2 (20 Oct 2005)
876
877 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
878 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
879 +hardened-sources-2.6.13-r2.ebuild:
880 Fixes minor build error in ppc.
881
882 *hardened-sources-2.6.13-r1 (17 Oct 2005)
883
884 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
885 +hardened-sources-2.6.13-r1.ebuild:
886 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
887 2.6.13.4, fixes some major amd64 stability problems.
888
889 *hardened-sources-2.6.13 (16 Sep 2005)
890
891 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
892 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
893 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
894 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
895 users should test this thoroughly.
896
897 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
898 - stable on x86
899
900 *hardened-sources-2.6.11-r15 (27 Jun 2005)
901
902 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
903 +hardened-sources-2.6.11-r15.ebuild:
904 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
905 grsec redefining curr_ip struct.
906
907 *hardened-sources-2.4.31 (20 Jun 2005)
908
909 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
910 initial import of 2.4.31 tree
911
912 *hardened-sources-2.6.11-r14 (14 Jun 2005)
913
914 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
915 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
916 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
917 naming scheme to abide by genpatches
918
919 *hardened-sources-2.6.11-r13 (18 May 2005)
920
921 18 May 2005; John Mylchreest <johnm@gentoo.org>
922 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
923 Managed to mangle the Makefile patch from grsec, to miss out the grsec
924 target. sorry about that. Fixes bug #93022
925
926 *hardened-sources-2.6.11-r12 (17 May 2005)
927
928 17 May 2005; John Mylchreest <johnm@gentoo.org>
929 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
930 +hardened-sources-2.6.11-r12.ebuild:
931 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
932 merges in genpatches-base
933
934 *hardened-sources-2.6.11-r12 (17 May 2005)
935
936 17 May 2005; John Mylchreest <johnm@gentoo.org>
937 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
938 +hardened-sources-2.6.11-r12.ebuild:
939 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
940 merges in genpatches-base
941
942 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
943 -files/2.4.27-cmdline-race.patch,
944 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
945 -files/2.4.28-grsec-binfmt_a.out.patch,
946 -files/2.4.28-grsec-cmdline-race.patch,
947 -files/2.4.28-selinux-binfmt_a.out.patch,
948 -files/2.4.28-selinux-cmdline-race.patch,
949 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
950 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
951 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
952 cleanup..
953
954 *hardened-sources-2.4.30-r1 (21 Apr 2005)
955
956 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
957 - disable aout by default
958
959 *hardened-sources-2.4.30 (18 Apr 2005)
960
961 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
962 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
963 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
964 use
965
966 *hardened-sources-2.4.29 (30 Mar 2005)
967
968 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
969 +hardened-sources-2.4.29.ebuild:
970 New hardened-patches-2.4-29.0 patchball.
971 Removed SELinux support, upgraded GRSecurity to 2.1.4.
972
973 *hardened-sources-2.4.28-r5 (06 Mar 2005)
974
975 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
976 +hardened-sources-2.4.28-r5.ebuild:
977 Added a fix for a PaX vulnerability.
978
979 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
980 hardened-sources-2.4.28-r4.ebuild:
981 Stable on x86
982
983 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
984 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
985 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
986 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
987 - fixed/added RDEPEND= in all kernel-2 ebuilds
988
989 *hardened-sources-2.4.28-r4 (21 Jan 2005)
990
991 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
992 +hardened-sources-2.4.28-r4.ebuild:
993 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
994 backport of neighbour hash updates.
995
996 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
997 hardened-sources-2.4.28-r3.ebuild:
998 Stable on x86
999
1000 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1001
1002 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1003 +hardened-sources-2.6.10-r3.ebuild:
1004 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1005 in 2005.0
1006
1007 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1008 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1009 hardened-sources-2.4.28-r2.ebuild:
1010 Mark stable on x86
1011
1012 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1013
1014 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1015 +hardened-sources-2.4.28-r3.ebuild:
1016 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1017
1018 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1019 hardened-sources-2.4.28.ebuild:
1020 Mark stable on x86.
1021
1022 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1023
1024 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1025 +hardened-sources-2.4.28-r2.ebuild:
1026 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1027 Mazinger for grsecurity patches as well.
1028
1029 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1030
1031 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1032 Security bump. Thank tocharian for rolling a new patchset...
1033
1034 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1035 +files/2.4.28-grsec-cmdline-race.patch,
1036 +files/2.4.28-selinux-binfmt_a.out.patch,
1037 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1038 - Round up remaining security patches that appear to be missing in 2.4.28. -
1039 PaX standalone updated to current. hgpv=28.1
1040
1041 *hardened-sources-2.4.28 (28 Nov 2004)
1042
1043 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1044 security bump. Thank tocharian for rolling a new patchset
1045
1046 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1047
1048 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1049 +hardened-sources-2.4.27-r3.ebuild:
1050 Applies the new 2.4-27.2 patchball which updates
1051 GRSecurity to the 2.0.1 version.
1052
1053 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1054
1055 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1056 +hardened-sources-2.4.27-r2.ebuild:
1057 Version bump.
1058 This version uses the new 2.4-27.1 patchball which updates
1059 both the SELinux PaX hooks patch and the SELinux headers.
1060
1061 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1062
1063 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1064 +hardened-sources-2.4.27-r1.ebuild,
1065 -hardened-sources-2.4.27.ebuild,
1066 +files/2.4.27-cmdline-race.patch:
1067 Version bump, fix for cmdline race. See bug #59905.
1068
1069 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1070
1071 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1072 +hardened-sources-2.4.26-r6.ebuild,
1073 -hardened-sources-2.4.26-r5.ebuild,
1074 -hardened-sources-2.4.26-r4.ebuild,
1075 +files/2.4.26-cmdline-race.patch:
1076 Version bump, fix for cmdline race. See bug #59905.
1077
1078 *hardened-sources-2.4.27 (08 Aug 2004)
1079
1080 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1081 +hardened-sources-2.4.27.ebuild,
1082 +files/2.4.27-CAN-2004-0394.patch:
1083 Ported the patchball to the 2.4.27 kernel version.
1084
1085 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1086
1087 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1088 +hardened-sources-2.4.26-r5.ebuild:
1089 Updated to use the new hardened-patches-2.4-26.1 patchball.
1090 It adds the following features:
1091 - Squashfs
1092 - Ebtables
1093 - Netdev random (core+drivers)
1094 - Watchdog Timer (WDT) fix.
1095
1096 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1097
1098 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1099 +hardened-sources-2.4.26-r4.ebuild,
1100 +files/2.4.26-CAN-2004-0415.patch,
1101 -hardened-sources-2.4.26-3:
1102 Version bump, fix for CAN 0415, see bug #59378.
1103
1104 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1105
1106 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1107 +hardened-sources-2.4.26-r3.ebuild,
1108 +files/2.4.26-CAN-2004-0497.patch,
1109 -hardened-sources-2.4.26-r2.ebuild:
1110 Version bump, fixed CAN 0497, see bug #56171.
1111
1112 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1113
1114 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1115 +hardened-sources-2.4.26-r2.ebuild,
1116 +files/2.4.26-CAN-2004-0495.patch,
1117 +files/2.4.26-CAN-2004-0535.patch,
1118 -hardened-sources-2.4.26-r1.ebuild:
1119 Fixes for both CAN 0495 and 0535, see bug #54976
1120
1121 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1122 hardened-sources-2.4.26-r1.ebuild:
1123 QA - fix use invocation
1124
1125 *hardened-sources-2.4.26-r1 (22 June 2004)
1126
1127 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1128 +hardened-sources-2.4.26-r1.ebuild,
1129 +files/2.4.26-CAN-2004-0394.patch,
1130 +files/2.4.26-signal-race.patch,
1131 -hardened-sources-2.4.26.ebuild,
1132 -hardened-sources-2.4.24-r3.ebuild:
1133 Version bump for the CAN-2004-0394 issue and bug #53804
1134 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1135
1136
1137 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1138 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1139 Masked hardened-sources-2.4.26.ebuild broken for ppc
1140
1141 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1142 hardened-sources-2.4.24-r3.ebuild:
1143 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1144
1145 *hardened-sources-2.4.26 (29 May 2004)
1146
1147 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1148 +hardened-sources-2.4.26.ebuild:
1149 Updated hardened-sources for the 2.4.26 kernel
1150 Removed broken components, updated almost everything.
1151
1152 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1153
1154 17 Apr 2004; <plasmaroo@gentoo.org>
1155 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1156 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1157 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1158 +hardened-sources-2.4.24-r3.ebuild:
1159 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1160 vulnerabilities. Old revisions removed.
1161
1162 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1163
1164 15 Apr 2004; <plasmaroo@gentoo.org>
1165 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1166 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1167 Version bump for the CAN-2004-0109 issue; bug #47881.
1168
1169 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1170 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1171 Add eutils to inherit.
1172
1173 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1174
1175 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1176 files/hardened-sources-2.4.24.munmap.patch:
1177 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1178
1179 *hardened-sources-2.4.24 (06 Feb 2004)
1180
1181 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1182 hardened-sources-2.4.24.ebuild:
1183 Version bump, updated most of the components.
1184 This release includes the following:
1185
1186 - Hardened security
1187 - Netfilter patch-o-matic 20031219
1188 - FreeSWAN 2.04 & x509 1.4.8
1189 - EVMS 2.2.2
1190 - XFS 1.3.1
1191 - cryptoloop jari
1192 - grsecurity 2.0-rc4
1193 - SELinux
1194 - PaX 200402060000
1195 - PaX Obscurity 200308302223
1196 - Others...
1197
1198 Neither -ck nor systrace are included anymore.
1199
1200 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1201
1202 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1203 hardened-sources-2.4.22-r2.ebuild:
1204 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1205
1206 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1207
1208 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1209 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1210
1211 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1212 hardened-sources-2.4.22-r1.ebuild:
1213 Version bump for the 'do_brk' vulnerability.
1214
1215 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1216 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1217 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1218 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1219 Fix the 'do_brk' vulnerability.
1220
1221 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1222 hardened-sources-2.4.22.ebuild:
1223 - Removed the src_install() portion for SELinux flask
1224 components. These are no longer handled in the kernel
1225 so this code was not necessary.
1226
1227 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1228 New 2.4.22 based hardened-sources thanks to
1229 Phil West <p.west@computer.org>.
1230
1231 These sources include:
1232 - New SELinux API
1233 - Updated CK-base
1234 - Updated GRSec
1235 - Systrace
1236 - SuperFreeS/WAN 1.99.8
1237 - Propolice kernel build support
1238 - EVMS
1239 - Other various security related patches
1240
1241 *hardened-sources-2.4.21 (14 Sep 2003)
1242
1243 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1244 Updated hardened-sources based on the 2.4.21 Linux kernel.
1245 This includes updates to most major components such as:
1246 - ck-base-0306300059
1247 - selinux-2.4-2003071106
1248 - grsecurity-2.0-rc1
1249 - Updated IPTables patch-o-matic
1250 - Updated SuperFreeS/WAN
1251
1252 Thanks to Phil West <pwest@computer.org> for his work in getting this
1253 updated patch set ready for the 2.4.21 based kernel.
1254
1255 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1256 Initial import of hardened-sources-2.4.20-r4. This revision
1257 includes only a few changes, but one of these is an important
1258 security fix. It is recommended all users of hardened-sources
1259 upgrade to this release.
1260
1261 - ioperm bug fix
1262 - fixed compilation failure when building without GRSec
1263
1264 SAL (Secure Auditing for Linux) is NOT included in this revision
1265 due to time constraints, but is planned for inclusion in the near
1266 future.
1267
1268 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1269
1270 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1271 hardened-sources-2.4.20-r3.ebuild:
1272 Add Header...
1273
1274 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1275 hardened-sources-2.4.20-r3.ebuild:
1276 Removed warnings from ebuild. This kernel should be safe to
1277 use at this point.
1278
1279 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1280
1281 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1282 hardened-sources-2.4.20-r3.ebuild:
1283 New revision. Includes the following changes over -r2:
1284
1285 - ck7-base (O(1), preempt, low latency)
1286 - Super FreeS/WAN 1.99.7rc2
1287 - PaX for the LSM/SELinux branch
1288 - GRSecurity 2.0-pre4 (role based access control)
1289 - Systrace 1.3
1290 - EXT3 fixes
1291 - EVMS 2.0.1
1292 - GCC 3.1+ compile optimizations
1293 - ProPolice kernel build support
1294 - Hashing table security fixes
1295
1296 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1297
1298 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1299 Initial import of hardened-sources-r2. This new
1300 ebuild includes many new performance and security
1301 related patches. As in -r1, it will patch in
1302 LSM/SELinux if "selinux" is in USE, otherwise it
1303 will patch in GRSecurity. The following patches
1304 are included in this revision:
1305
1306 - O(1) Scheduler, Low Latency, and Preempt
1307 (pulled from the base CK patch)
1308 - ptrace exploit patch for the LSM kernel
1309 (the GRSec patch already fixes this)
1310 - LSM 2.4-2003040709
1311 - SELinux 2.4-2003040709
1312 - Systrace v1.2
1313 - IPTables patch-o-matic base patches - 20030107
1314 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1315 - Super FreeS/WAN 1.99.6.1
1316 - GRSecurity 1.9.9g
1317 - MPPE
1318 - EXT3 data journal fix
1319 - CIPE 1.5.4
1320
1321 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1322 hardened-sources-2.4.20-r1.ebuild, manifest:
1323 Updated to install flask components correctly for selinux.
1324
1325 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1326 hardened-sources-2.4.20-r1.ebuild:
1327 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1328 is patched in instead. Ptrace patches for selinux have also been added. In
1329 either case, systrace support will be patched in as well.
1330
1331 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1332 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1333 Revision bump for new sources.
1334
1335 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1336 hardened-sources-2.4.20-r1.ebuild:
1337 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1338
1339 *hardened-sources-2.4.20 (30 Mar 2003)
1340
1341 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1342 hardened-sources-2.4.20.ebuild:
1343 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20