/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.217 - (show annotations) (download)
Wed Apr 9 08:30:07 2008 UTC (6 years, 9 months ago) by phreak
Branch: MAIN
Changes since 1.216: +4 -1 lines
Update the longdescription in metadata, thanks to Gordon Malm.
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.216 2008/04/08 16:46:08 nixnut Exp $
4
5 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
6 Update the longdescription in metadata, thanks to Gordon Malm.
7
8 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
9 Stable on ppc wrt bug #213255
10
11 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
12 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
13 - stable on x86/amd64 per request. Removed obsolete ebuilds
14
15 *hardened-sources-2.6.24 (07 Apr 2008)
16
17 07 Apr 2008; Christian Heim <phreak@gentoo.org>
18 +hardened-sources-2.6.24.ebuild:
19 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
20 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
21 for the many contributions and their continued effort in #216612) based on
22 2.6.24 and genpatches-2.6.24-5.
23
24 The current ebuild/patchset contains these things:
25 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
26 * Introduces bespoke server and workstation oriented security levels
27 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
28
29 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
30 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
31 maintaining it).
32
33 24 Mar 2008; Christian Heim <phreak@gentoo.org>
34 hardened-sources-2.4.35-r2.ebuild:
35 Fixing SRC_URI for 2.4.35-r2.
36
37 *hardened-sources-2.6.23-r9 (22 Mar 2008)
38
39 22 Mar 2008; Christian Heim <phreak@gentoo.org>
40 +hardened-sources-2.6.23-r9.ebuild:
41 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
42 * Change the default GIDs for some grsecurity options
43 * Revamp the Hardened [Gentoo] security level and make it the default level
44 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
45 * Fix a recursive lock -- call to capable() within ptrace_attach()
46 * Fix bug that allows audit and iscsi operations to be controlled via netlink
47
48 *hardened-sources-2.6.23-r8 (27 Feb 2008)
49
50 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
51 - version bump from Kerin Millar bug 210026
52
53 17 Feb 2008; <solar@gentoo.org> metadata.xml,
54 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
55 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
56 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
57 - stable on x86 and remove old ebuilds
58
59 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
60 - stable on amd64 per request of amd64 lead
61
62 *hardened-sources-2.6.23-r7 (11 Feb 2008)
63
64 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
65 - version bump from kerin.millar
66 Changes:
67
68 * Bump to genpatches-base-2.6.23-9
69 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
70 * Disables COMPAT_VDSO in x86/defconfig
71 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
72
73 25 Jan 2008; Christian Heim <phreak@gentoo.org>
74 -hardened-sources-2.6.22-r8.ebuild:
75 Cleaning up old versions.
76
77 *hardened-sources-2.6.23-r6 (25 Jan 2008)
78
79 25 Jan 2008; Christian Heim <phreak@gentoo.org>
80 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
81 Revision bump, pulling in the latest genpatches.
82
83 *hardened-sources-2.6.23-r5 (24 Dec 2007)
84
85 24 Dec 2007; Christian Heim <phreak@gentoo.org>
86 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
87 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
88 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
89 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
90
91 24 Dec 2007; Christian Heim <phreak@gentoo.org>
92 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
93 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
94 -hardened-sources-2.6.23-r3.ebuild:
95 Cleaning out some unused, old versions.
96
97 24 Dec 2007; Christian Heim <phreak@gentoo.org>
98 hardened-sources-2.6.23-r4.ebuild:
99 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
100 in the tree for long, but there isn't much of a difference between this and
101 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
102
103 *hardened-sources-2.6.23-r4 (23 Dec 2007)
104
105 23 Dec 2007; Christian Heim <phreak@gentoo.org>
106 +hardened-sources-2.6.23-r4.ebuild:
107 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
108
109 *hardened-sources-2.6.23-r3 (04 Dec 2007)
110
111 04 Dec 2007; Christian Heim <phreak@gentoo.org>
112 +hardened-sources-2.6.23-r3.ebuild:
113 Revision bump, pulling in 2.6.23.9.
114
115 *hardened-sources-2.6.23-r2 (25 Nov 2007)
116
117 25 Nov 2007; Christian Heim <phreak@gentoo.org>
118 +hardened-sources-2.6.23-r2.ebuild:
119 Updated patchset, thanks to solar.
120
121 *hardened-sources-2.6.23-r1 (31 Oct 2007)
122
123 31 Oct 2007; Christian Heim <phreak@gentoo.org>
124 +hardened-sources-2.6.23-r1.ebuild:
125 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
126
127 29 Oct 2007; <solar@gentoo.org> metadata.xml:
128 - update metadata.xml
129
130 25 Oct 2007; Christian Heim <phreak@gentoo.org>
131 hardened-sources-2.6.22-r8.ebuild:
132 Marking 2.6.22-r8 stable on amd64 and x86.
133
134 21 Oct 2007; Christian Heim <phreak@gentoo.org>
135 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
136 -hardened-sources-2.6.21-r4.ebuild:
137 Removing old ebuilds.
138
139 *hardened-sources-2.4.35-r2 (21 Oct 2007)
140
141 21 Oct 2007; Christian Heim <phreak@gentoo.org>
142 +hardened-sources-2.4.35-r2.ebuild:
143 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
144 patches.
145
146 *hardened-sources-2.6.22-r8 (21 Oct 2007)
147
148 21 Oct 2007; Christian Heim <phreak@gentoo.org>
149 +hardened-sources-2.6.22-r8.ebuild:
150 Yet another new patch, hopefully fixing the remaining issues we had w/
151 2.6.22. Candidate for stabling.
152
153 *hardened-sources-2.6.23 (13 Oct 2007)
154
155 13 Oct 2007; Christian Heim <phreak@gentoo.org>
156 +hardened-sources-2.6.23.ebuild:
157 Initial hardened-sources-2.6.23. If people still have problems w/ bug
158 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
159
160 11 Oct 2007; Christian Heim <phreak@gentoo.org>
161 hardened-sources-2.6.20-r10.ebuild:
162 Pulling in yet another new genpatches version, fixing the PWC bug for real.
163
164 04 Oct 2007; Christian Heim <phreak@gentoo.org>
165 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
166 Removing old versions.
167
168 *hardened-sources-2.6.22-r7 (01 Oct 2007)
169
170 01 Oct 2007; Christian Heim <phreak@gentoo.org>
171 +hardened-sources-2.6.22-r7.ebuild:
172 Revision bump, pulling in a newer patch. Should fix #194276.
173
174 30 Sep 2007; Christian Heim <phreak@gentoo.org>
175 hardened-sources-2.6.20-r10.ebuild:
176 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
177 Mike Doty).
178
179 *hardened-sources-2.6.22-r6 (26 Sep 2007)
180
181 26 Sep 2007; Christian Heim <phreak@gentoo.org>
182 +hardened-sources-2.6.22-r6.ebuild:
183 Revision bump, grabbing up till Linux 2.6.22.9.
184
185 24 Sep 2007; Christian Heim <phreak@gentoo.org>
186 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
187 Cleaning up further.
188
189 *hardened-sources-2.6.20-r10 (24 Sep 2007)
190
191 24 Sep 2007; Christian Heim <phreak@gentoo.org>
192 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
193 +hardened-sources-2.6.20-r10.ebuild:
194 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
195 revisions.
196
197 *hardened-sources-2.6.22-r5 (22 Sep 2007)
198
199 22 Sep 2007; Christian Heim <phreak@gentoo.org>
200 +hardened-sources-2.6.22-r5.ebuild:
201 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
202
203 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
204 Removing johnm from metadata.xml (see #186467 for reference).
205
206 *hardened-sources-2.6.22-r4 (17 Sep 2007)
207
208 17 Sep 2007; Christian Heim <phreak@gentoo.org>
209 +hardened-sources-2.6.22-r4.ebuild:
210 Revision bump, hopefully fixing all those weird PAX failures.
211
212 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
213 Updating the metadata.xml.
214
215 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
216 Removing tocharian from metadata due to his retirement (see #71718 for
217 reference).
218
219 *hardened-sources-2.6.20-r9 (30 Aug 2007)
220
221 30 Aug 2007; Christian Heim <phreak@gentoo.org>
222 +hardened-sources-2.6.20-r9.ebuild:
223 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
224
225 29 Aug 2007; Christian Heim <phreak@gentoo.org>
226 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
227 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
228 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
229 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
230 -hardened-sources-2.6.22-r2.ebuild:
231 Removing some redundant versions.
232
233 *hardened-sources-2.4.35-r1 (29 Aug 2007)
234
235 29 Aug 2007; Christian Heim <phreak@gentoo.org>
236 +hardened-sources-2.4.35-r1.ebuild:
237 Revision bump, new grsecurity patch.
238
239 *hardened-sources-2.6.20-r8 (26 Aug 2007)
240
241 26 Aug 2007; Christian Heim <phreak@gentoo.org>
242 +hardened-sources-2.6.20-r8.ebuild:
243 Revision bump for Linux 2.6.20.17.
244
245 *hardened-sources-2.6.22-r3 (22 Aug 2007)
246
247 22 Aug 2007; Christian Heim <phreak@gentoo.org>
248 +hardened-sources-2.6.22-r3.ebuild:
249 Revision bump for Linux 2.6.22.4.
250
251 16 Aug 2007; Christian Heim <phreak@gentoo.org>
252 hardened-sources-2.6.22-r2.ebuild:
253 Updated patchset, to fix the alignment against 2.6.22.3.
254
255 *hardened-sources-2.6.22-r2 (16 Aug 2007)
256
257 16 Aug 2007; Christian Heim <phreak@gentoo.org>
258 +hardened-sources-2.6.22-r2.ebuild:
259 Revision bump for Linux 2.6.22.3.
260
261 *hardened-sources-2.4.35 (16 Aug 2007)
262
263 16 Aug 2007; Christian Heim <phreak@gentoo.org>
264 +hardened-sources-2.4.35.ebuild:
265 Version bump, initial version for Linux 2.4.35.
266
267 *hardened-sources-2.6.21-r4 (16 Aug 2007)
268
269 16 Aug 2007; Christian Heim <phreak@gentoo.org>
270 +hardened-sources-2.6.21-r4.ebuild:
271 Revision bump for Linux 2.6.21.6.
272
273 *hardened-sources-2.6.20-r7 (16 Aug 2007)
274
275 16 Aug 2007; Christian Heim <phreak@gentoo.org>
276 +hardened-sources-2.6.20-r7.ebuild:
277 Revision bump for Linux 2.6.20.16.
278
279 *hardened-sources-2.6.22-r1 (13 Aug 2007)
280
281 13 Aug 2007; Christian Heim <phreak@gentoo.org>
282 +hardened-sources-2.6.22-r1.ebuild:
283 Yet another revision bump.
284
285 *hardened-sources-2.6.22 (10 Aug 2007)
286
287 10 Aug 2007; Christian Heim <phreak@gentoo.org>
288 +hardened-sources-2.6.22.ebuild:
289 Initial release for 2.6.22. If you are using hardened-sources on a desktop
290 machine (P4 or newer), be aware you might need to disable
291 CONFIG_PAX_PAGEEXEC.
292
293 04 Aug 2007; Christian Heim <phreak@gentoo.org>
294 hardened-sources-2.6.20-r6.ebuild:
295 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
296 2.6.20.15.
297
298 10 Jul 2007; Christian Heim <phreak@gentoo.org>
299 hardened-sources-2.6.20-r5.ebuild:
300 Marking hardened-sources-2.6.20-r5 stable on ppc.
301
302 10 Jul 2007; Christian Heim <phreak@gentoo.org>
303 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
304 Cleanup.
305
306 *hardened-sources-2.6.20-r6 (08 Jul 2007)
307
308 08 Jul 2007; Christian Heim <phreak@gentoo.org>
309 +hardened-sources-2.6.20-r6.ebuild:
310 Revision bump, grabbing yet another stable release.
311
312 17 Jun 2007; Christian Heim <phreak@gentoo.org>
313 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
314 -hardened-sources-2.6.21-r2.ebuild:
315 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
316 alpha stable KEYWORD by mistake.
317
318 17 Jun 2007; Christian Heim <phreak@gentoo.org>
319 hardened-sources-2.6.20-r5.ebuild:
320 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
321 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
322
323 *hardened-sources-2.6.21-r3 (12 Jun 2007)
324
325 12 Jun 2007; Christian Heim <phreak@gentoo.org>
326 +hardened-sources-2.6.21-r3.ebuild:
327 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
328 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
329 love.
330
331 *hardened-sources-2.6.20-r5 (11 Jun 2007)
332
333 11 Jun 2007; Christian Heim <phreak@gentoo.org>
334 +hardened-sources-2.6.20-r5.ebuild:
335 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
336 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
337 love.
338
339 *hardened-sources-2.4.34.5 (11 Jun 2007)
340
341 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
342 +hardened-sources-2.4.34.5.ebuild:
343 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
344
345 30 May 2007; Christian Heim <phreak@gentoo.org>
346 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
347 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
348 stale ebuild(s).
349
350 30 May 2007; Christian Heim <phreak@gentoo.org>
351 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
352 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
353 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
354 Doing some cleanups, remove stale ebuilds.
355
356 26 May 2007; Christian Heim <phreak@gentoo.org>
357 hardened-sources-2.6.21-r2.ebuild:
358 Fixing the grsecurity patch, had one '};' too much.
359
360 *hardened-sources-2.6.21-r2 (26 May 2007)
361
362 26 May 2007; Christian Heim <phreak@gentoo.org>
363 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
364 +hardened-sources-2.6.21-r2.ebuild:
365 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
366 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
367
368 *hardened-sources-2.6.20-r4 (26 May 2007)
369
370 26 May 2007; Christian Heim <phreak@gentoo.org>
371 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
372 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
373 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
374
375 15 May 2007; Christian Heim <phreak@gentoo.org>
376 hardened-sources-2.6.20-r3.ebuild:
377 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
378 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
379 grsecurity patch fail in that exact same hunk.
380
381 *hardened-sources-2.6.20-r3 (15 May 2007)
382
383 15 May 2007; Christian Heim <phreak@gentoo.org>
384 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
385 Revision bump, incorporating Linux 2.6.20.11.
386
387 *hardened-sources-2.6.21-r1 (11 May 2007)
388
389 11 May 2007; Christian Heim <phreak@gentoo.org>
390 +hardened-sources-2.6.21-r1.ebuild:
391 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
392 mentioned in #177234.
393
394 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
395 files/digest-hardened-sources-2.6.21, Manifest:
396 Fix Manifest/digest for linux-2.6.21.tar.bz2
397
398 06 May 2007; Christian Heim <phreak@gentoo.org>
399 hardened-sources-2.6.21.ebuild:
400 Bumping the hardened-patches version, needed for the fix for #177234.
401
402 *hardened-sources-2.6.21 (02 May 2007)
403
404 02 May 2007; Christian Heim <phreak@gentoo.org>
405 +hardened-sources-2.6.21.ebuild:
406 Version bump, Linux 2.6.21-hardened.
407
408 29 Apr 2007; Christian Heim <phreak@gentoo.org>
409 hardened-sources-2.6.20-r2.ebuild:
410 Adding ~ia64 on Ned's request.
411
412 29 Apr 2007; Christian Heim <phreak@gentoo.org>
413 hardened-sources-2.6.20-r2.ebuild:
414 Fixing the included grsecurity patch, wasn't alligning due to the Index:
415 header line(s).
416
417 29 Apr 2007; Christian Heim <phreak@gentoo.org>
418 hardened-sources-2.6.20-r2.ebuild:
419 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
420
421 *hardened-sources-2.6.20-r2 (10 Apr 2007)
422
423 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
424 +hardened-sources-2.6.20-r2.ebuild:
425 Version bump, on behalf of phreak
426
427 *hardened-sources-2.6.20-r1 (04 Apr 2007)
428
429 04 Apr 2007; Christian Heim <phreak@gentoo.org>
430 +hardened-sources-2.6.20-r1.ebuild:
431 Revision bump, grabbing a newer grsecurity snapshot.
432
433 *hardened-sources-2.6.20 (25 Mar 2007)
434
435 25 Mar 2007; Christian Heim <phreak@gentoo.org>
436 +hardened-sources-2.6.20.ebuild:
437 Finally a hardened-sources version for 2.6.20; many people have been waiting
438 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
439 testbox.
440
441 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
442 hardened-sources-2.6.18-r6.ebuild:
443 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
444
445 *hardened-sources-2.6.18-r6 (16 Mar 2007)
446
447 16 Mar 2007; Christian Heim <phreak@gentoo.org>
448 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
449 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
450 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
451 supposed to be.
452
453 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
454 Fixing the Manifest, the previous one was broken (as in still had the
455 deleted ebuild in it).
456
457 06 Mar 2007; Christian Heim <phreak@gentoo.org>
458 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
459 +hardened-sources-2.6.18-r5.ebuild:
460 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
461 Linux 2.6.18.8. Also cleaning up the older version.
462
463 *hardened-sources-2.6.18-r5 (06 Mar 2007)
464
465 06 Mar 2007; Christian Heim <phreak@gentoo.org>
466 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
467 +hardened-sources-2.6.18-r5.ebuild:
468 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
469 Linux 2.6.18.8. Also cleaning up the older version.
470
471 24 Feb 2007; Christian Heim <phreak@gentoo.org>
472 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
473 -hardened-sources-2.6.19-r5.ebuild:
474 Removing some of the old version, that didn't work.
475
476 *hardened-sources-2.6.19-r6 (12 Feb 2007)
477
478 12 Feb 2007; Christian Heim <phreak@gentoo.org>
479 +hardened-sources-2.6.19-r6.ebuild:
480 Revision bump, including a new grsec version fixing #166235.
481
482 *hardened-sources-2.4.34 (24 Jan 2007)
483
484 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
485 Manifest:
486 updating Manifest with checksums of new tarball and ebuild
487
488 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
489 +hardened-sources-2.4.34.ebuild:
490 I added new hardened sources 2.4 update, this is a critical path
491 security bugfix - all users of h-s are strongly advised
492 to update their existing hardened sources to this version.
493 It contains a fix for a kernel vulnerability that is pertaining
494 to the PaX changes to virtual memory management, possibly leading
495 to a local kernel exploit ... see grsecurity.net forums and homepage
496
497 23 Jan 2007; Christian Heim <phreak@gentoo.org>
498 files/digest-hardened-sources-2.6.19-r5, Manifest:
499 Fixing the patch-tarball digest.
500
501 *hardened-sources-2.6.19-r5 (23 Jan 2007)
502
503 23 Jan 2007; Christian Heim <phreak@gentoo.org>
504 +hardened-sources-2.6.19-r5.ebuild:
505 Revision bump, closing the recently discovered PaX expand_stack()
506 vulnerability.
507
508 *hardened-sources-2.6.19-r4 (14 Jan 2007)
509
510 14 Jan 2007; Christian Heim <phreak@gentoo.org>
511 +hardened-sources-2.6.19-r4.ebuild:
512 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
513 dropping the randomized PID feature.
514
515 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
516 hardened-sources-2.4.33.4.ebuild:
517 stable x86, bug #161171
518
519 *hardened-sources-2.6.19-r3 (27 Dec 2006)
520
521 27 Dec 2006; Christian Heim <phreak@gentoo.org>
522 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
523 Revision bump for bug #157186 and #158786.
524
525 *hardened-sources-2.6.18-r4 (27 Dec 2006)
526
527 27 Dec 2006; Christian Heim <phreak@gentoo.org>
528 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
529 Revision bump for bug #157186.
530
531 *hardened-sources-2.6.19-r2 (23 Dec 2006)
532
533 23 Dec 2006; Christian Heim <phreak@gentoo.org>
534 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
535 Revision bump to pull in genpatches-2.6.19-3 for #157186.
536
537 17 Dec 2006; Christian Heim <phreak@gentoo.org>
538 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
539 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
540 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
541 hardened-sources-2.6.19-r1.ebuild:
542 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
543 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
544
545 *hardened-sources-2.4.33.4 (17 Dec 2006)
546
547 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
548 +hardened-sources-2.4.33.4.ebuild:
549 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
550 and quilting
551
552 *hardened-sources-2.6.19-r1 (14 Dec 2006)
553
554 14 Dec 2006; Christian Heim <phreak@gentoo.org>
555 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
556 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
557 for reporting).
558
559 *hardened-sources-2.6.19 (13 Dec 2006)
560
561 13 Dec 2006; Christian Heim <phreak@gentoo.org>
562 +hardened-sources-2.6.19.ebuild:
563 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
564 Brad for providing that prompt update.
565
566 *hardened-sources-2.6.18-r3 (13 Dec 2006)
567
568 13 Dec 2006; Christian Heim <phreak@gentoo.org>
569 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
570 +hardened-sources-2.6.18-r3.ebuild:
571 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
572 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
573
574 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
575 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
576
577 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
578 Stable on ppc wrt bug 157356
579
580 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
581 hardened-sources-2.6.18.ebuild:
582 stable x86, bug #157356
583
584 *hardened-sources-2.6.18-r2 (06 Dec 2006)
585
586 06 Dec 2006; Christian Heim <phreak@gentoo.org>
587 +hardened-sources-2.6.18-r2.ebuild:
588 Revision bump, including 2.6.18.5 (via genpatches) and
589 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
590 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
591 redesign.
592
593 06 Dec 2006; Christian Heim <phreak@gentoo.org>
594 hardened-sources-2.6.18.ebuild:
595 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
596 of Mike Doty).
597
598 *hardened-sources-2.6.18-r1 (23 Nov 2006)
599
600 23 Nov 2006; Christian Heim <phreak@gentoo.org>
601 +hardened-sources-2.6.18-r1.ebuild:
602 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
603
604 *hardened-sources-2.6.18 (11 Nov 2006)
605
606 11 Nov 2006; Christian Heim <phreak@gentoo.org>
607 +hardened-sources-2.6.18.ebuild:
608 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
609
610 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
611 - mark amd64 stable also. bug #151877
612
613 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
614 - mark 2.6.17-r1 stable
615
616 27 Aug 2006; Christian Heim <phreak@gentoo.org>
617 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
618 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
619
620 *hardened-sources-2.6.17-r1 (26 Aug 2006)
621
622 26 Aug 2006; Christian Heim <phreak@gentoo.org>
623 +hardened-sources-2.6.17-r1.ebuild:
624 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
625 grsecurity patch.
626
627 *hardened-sources-2.6.17 (17 Aug 2006)
628
629 17 Aug 2006; Christian Heim <phreak@gentoo.org>
630 +hardened-sources-2.6.17.ebuild:
631 Bumping the hardened-sources-2.6 series to 2.6.17, using
632 genpatches-2.6.17-6.base.
633
634 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
635 - stable on x86 and amd64
636
637 *hardened-sources-2.6.16-r11 (15 Jul 2006)
638
639 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
640 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
641 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
642 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
643 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
644 crusty ebuilds
645
646 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
647 hardened-sources-2.6.16-r10.ebuild:
648 marking stable on x86 and amd64
649
650 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
651 - 2.4.32-r6 stable on x86. RSBAC state unknown
652
653 *hardened-sources-2.4.32-r7 (10 Jul 2006)
654
655 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
656 +hardened-sources-2.4.32-r7.ebuild:
657 Bump PaX for RSBAC to test-17
658
659 *hardened-sources-2.6.16-r9 (03 Jul 2006)
660
661 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
662 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
663 hardened-sources-2.6.16 bump to latest -base.
664
665 *hardened-sources-2.4.32-r6 (30 Jun 2006)
666
667 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
668 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
669 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
670 sysctl controlable resource logging
671
672 *hardened-sources-2.6.16-r7 (05 Jun 2006)
673
674 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
675 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
676 push new 2.6.16 release in preparation for stable
677
678 22 May 2006; <solar@gentoo.org> :
679 - redigest bug 134002
680
681 *hardened-sources-2.4.32-r5 (16 May 2006)
682
683 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
684 +hardened-sources-2.4.32-r5.ebuild:
685 Fixes rsbac common patching (new patch in new -r5 patchset)
686
687 *hardened-sources-2.4.32-r4 (13 May 2006)
688
689 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
690 +hardened-sources-2.4.32-r4.ebuild:
691 - security bumps
692
693 *hardened-sources-2.6.16-r6 (03 May 2006)
694
695 03 May 2006; John Mylchreest <johnm@gentoo.org>
696 +hardened-sources-2.6.16-r6.ebuild:
697 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
698
699 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
700 hardened-sources-2.6.14-r8.ebuild:
701 fix x86_64 build problem, this will delay the digest issue again for a short
702 while but it will sort itself out
703
704 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
705 hardened-sources-2.6.14-r8.ebuild:
706 bump hardened patchset
707
708 27 Apr 2006; Alec Warner <antarus@gentoo.org>
709 files/digest-hardened-sources-2.4.32-r2,
710 files/digest-hardened-sources-2.4.32-r3,
711 files/digest-hardened-sources-2.6.14-r8, Manifest:
712 Fixing duff SHA256 digests: Bug # 131293
713
714 *hardened-sources-2.6.16-r5 (27 Apr 2006)
715
716 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
717 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
718 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
719 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
720 cleanup of old uneccessary sources
721
722 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
723 fix digest
724
725 *hardened-sources-2.6.14-r8 (20 Apr 2006)
726
727 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
728 +hardened-sources-2.6.14-r8.ebuild:
729 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
730
731 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
732 Turning on gpg-signing again, and recomitting
733
734 *hardened-sources-2.6.16-r4 (20 Apr 2006)
735
736 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
737 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
738 +hardened-sources-2.6.16-r4.ebuild:
739 Fix numerous security vulns
740
741 *hardened-sources-2.4.32-r3 (16 Apr 2006)
742
743 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
744 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
745 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
746 - security bump for bug #112791. Removed old ebuilds
747
748 *hardened-sources-2.6.16-r3 (15 Apr 2006)
749
750 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
751 +hardened-sources-2.6.16-r3.ebuild:
752 Removing silly localversion which I missed
753
754 *hardened-sources-2.6.14-r7 (14 Apr 2006)
755
756 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
757 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
758 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
759
760 *hardened-sources-2.6.16-r2 (13 Apr 2006)
761
762 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
763 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
764 +hardened-sources-2.6.16-r2.ebuild:
765 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
766 labels, dropping USERGROUP define fixes, since these were merged mainstream.
767
768 *hardened-sources-2.6.16-r1 (11 Apr 2006)
769
770 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
771 +hardened-sources-2.6.16-r1.ebuild:
772 Bumping to include ppc build fix and 2.6.16.3
773
774 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
775 hardened-sources-2.6.14-r6.ebuild:
776 Stable on x86; bug #127718
777
778 *hardened-sources-2.6.16 (31 Mar 2006)
779
780 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
781 +hardened-sources-2.6.16.ebuild:
782 Bumping to new version of grsec, and kernel base. New squashfs. Based on
783 2.6.16.1
784
785 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
786 hardened-sources-2.6.14-r6.ebuild:
787 Stable on amd64, bug 127718.
788
789 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
790 Stable on ppc. Bug #127718
791
792 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
793 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
794 -hardened-sources-2.6.14-r4.ebuild:
795 Cleanup.
796
797 *hardened-sources-2.6.14-r6 (15 Mar 2006)
798
799 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
800 +hardened-sources-2.6.14-r6.ebuild:
801 Fixes grsec policy recreation bug and adds a
802 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
803
804 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
805 - stable on x86
806
807 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
808 hardened-sources-2.6.14-r5.ebuild:
809 Stable on ppc.
810
811 *hardened-sources-2.6.14-r5 (01 Feb 2006)
812
813 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
814 +hardened-sources-2.6.14-r5.ebuild:
815 fixing every known exploit
816
817 *hardened-sources-2.4.32-r2 (26 Jan 2006)
818
819 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
820 +hardened-sources-2.4.32-r2.ebuild:
821 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
822
823 *hardened-sources-2.6.14-r4 (12 Jan 2006)
824
825 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
826 - version bump for new genpatches which fix up a few sec holes
827
828 *hardened-sources-2.4.32-r1 (05 Jan 2006)
829
830 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
831 - revision bump to add misc vital linux kernel security patches.
832
833 *hardened-sources-2.6.14-r3 (30 Dec 2005)
834
835 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
836 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
837 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
838
839 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
840 hardened-sources-2.6.14-r2.ebuild:
841 making x86 & amd64 stable following testing.
842
843 *hardened-sources-2.6.14-r2 (27 Dec 2005)
844
845 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
846 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
847 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
848 network hooks.
849
850 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
851 hardened-sources-2.6.14-r1.ebuild:
852 bumping to stable early for sec fix on x86 & amd64
853
854 *hardened-sources-2.6.14-r1 (05 Dec 2005)
855
856 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
857 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
858 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
859
860 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
861 - stable on x86 security bug #114227 CAN-2005-3257
862
863 *hardened-sources-2.4.32 (19 Nov 2005)
864
865 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
866 +hardened-sources-2.4.32.ebuild:
867 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
868 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
869 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
870 rsbac >> /etc/portage/package.use)
871
872 *hardened-sources-2.6.14 (14 Nov 2005)
873
874 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
875 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
876 Bumping 2.6 series to 2.6.14.2
877
878 *hardened-sources-2.6.13-r2 (20 Oct 2005)
879
880 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
881 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
882 +hardened-sources-2.6.13-r2.ebuild:
883 Fixes minor build error in ppc.
884
885 *hardened-sources-2.6.13-r1 (17 Oct 2005)
886
887 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
888 +hardened-sources-2.6.13-r1.ebuild:
889 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
890 2.6.13.4, fixes some major amd64 stability problems.
891
892 *hardened-sources-2.6.13 (16 Sep 2005)
893
894 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
895 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
896 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
897 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
898 users should test this thoroughly.
899
900 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
901 - stable on x86
902
903 *hardened-sources-2.6.11-r15 (27 Jun 2005)
904
905 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
906 +hardened-sources-2.6.11-r15.ebuild:
907 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
908 grsec redefining curr_ip struct.
909
910 *hardened-sources-2.4.31 (20 Jun 2005)
911
912 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
913 initial import of 2.4.31 tree
914
915 *hardened-sources-2.6.11-r14 (14 Jun 2005)
916
917 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
918 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
919 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
920 naming scheme to abide by genpatches
921
922 *hardened-sources-2.6.11-r13 (18 May 2005)
923
924 18 May 2005; John Mylchreest <johnm@gentoo.org>
925 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
926 Managed to mangle the Makefile patch from grsec, to miss out the grsec
927 target. sorry about that. Fixes bug #93022
928
929 *hardened-sources-2.6.11-r12 (17 May 2005)
930
931 17 May 2005; John Mylchreest <johnm@gentoo.org>
932 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
933 +hardened-sources-2.6.11-r12.ebuild:
934 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
935 merges in genpatches-base
936
937 *hardened-sources-2.6.11-r12 (17 May 2005)
938
939 17 May 2005; John Mylchreest <johnm@gentoo.org>
940 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
941 +hardened-sources-2.6.11-r12.ebuild:
942 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
943 merges in genpatches-base
944
945 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
946 -files/2.4.27-cmdline-race.patch,
947 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
948 -files/2.4.28-grsec-binfmt_a.out.patch,
949 -files/2.4.28-grsec-cmdline-race.patch,
950 -files/2.4.28-selinux-binfmt_a.out.patch,
951 -files/2.4.28-selinux-cmdline-race.patch,
952 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
953 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
954 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
955 cleanup..
956
957 *hardened-sources-2.4.30-r1 (21 Apr 2005)
958
959 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
960 - disable aout by default
961
962 *hardened-sources-2.4.30 (18 Apr 2005)
963
964 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
965 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
966 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
967 use
968
969 *hardened-sources-2.4.29 (30 Mar 2005)
970
971 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
972 +hardened-sources-2.4.29.ebuild:
973 New hardened-patches-2.4-29.0 patchball.
974 Removed SELinux support, upgraded GRSecurity to 2.1.4.
975
976 *hardened-sources-2.4.28-r5 (06 Mar 2005)
977
978 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
979 +hardened-sources-2.4.28-r5.ebuild:
980 Added a fix for a PaX vulnerability.
981
982 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
983 hardened-sources-2.4.28-r4.ebuild:
984 Stable on x86
985
986 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
987 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
988 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
989 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
990 - fixed/added RDEPEND= in all kernel-2 ebuilds
991
992 *hardened-sources-2.4.28-r4 (21 Jan 2005)
993
994 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
995 +hardened-sources-2.4.28-r4.ebuild:
996 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
997 backport of neighbour hash updates.
998
999 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1000 hardened-sources-2.4.28-r3.ebuild:
1001 Stable on x86
1002
1003 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1004
1005 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1006 +hardened-sources-2.6.10-r3.ebuild:
1007 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1008 in 2005.0
1009
1010 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1011 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1012 hardened-sources-2.4.28-r2.ebuild:
1013 Mark stable on x86
1014
1015 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1016
1017 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1018 +hardened-sources-2.4.28-r3.ebuild:
1019 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1020
1021 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1022 hardened-sources-2.4.28.ebuild:
1023 Mark stable on x86.
1024
1025 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1026
1027 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1028 +hardened-sources-2.4.28-r2.ebuild:
1029 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1030 Mazinger for grsecurity patches as well.
1031
1032 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1033
1034 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1035 Security bump. Thank tocharian for rolling a new patchset...
1036
1037 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1038 +files/2.4.28-grsec-cmdline-race.patch,
1039 +files/2.4.28-selinux-binfmt_a.out.patch,
1040 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1041 - Round up remaining security patches that appear to be missing in 2.4.28. -
1042 PaX standalone updated to current. hgpv=28.1
1043
1044 *hardened-sources-2.4.28 (28 Nov 2004)
1045
1046 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1047 security bump. Thank tocharian for rolling a new patchset
1048
1049 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1050
1051 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1052 +hardened-sources-2.4.27-r3.ebuild:
1053 Applies the new 2.4-27.2 patchball which updates
1054 GRSecurity to the 2.0.1 version.
1055
1056 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1057
1058 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1059 +hardened-sources-2.4.27-r2.ebuild:
1060 Version bump.
1061 This version uses the new 2.4-27.1 patchball which updates
1062 both the SELinux PaX hooks patch and the SELinux headers.
1063
1064 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1065
1066 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1067 +hardened-sources-2.4.27-r1.ebuild,
1068 -hardened-sources-2.4.27.ebuild,
1069 +files/2.4.27-cmdline-race.patch:
1070 Version bump, fix for cmdline race. See bug #59905.
1071
1072 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1073
1074 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1075 +hardened-sources-2.4.26-r6.ebuild,
1076 -hardened-sources-2.4.26-r5.ebuild,
1077 -hardened-sources-2.4.26-r4.ebuild,
1078 +files/2.4.26-cmdline-race.patch:
1079 Version bump, fix for cmdline race. See bug #59905.
1080
1081 *hardened-sources-2.4.27 (08 Aug 2004)
1082
1083 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1084 +hardened-sources-2.4.27.ebuild,
1085 +files/2.4.27-CAN-2004-0394.patch:
1086 Ported the patchball to the 2.4.27 kernel version.
1087
1088 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1089
1090 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1091 +hardened-sources-2.4.26-r5.ebuild:
1092 Updated to use the new hardened-patches-2.4-26.1 patchball.
1093 It adds the following features:
1094 - Squashfs
1095 - Ebtables
1096 - Netdev random (core+drivers)
1097 - Watchdog Timer (WDT) fix.
1098
1099 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1100
1101 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1102 +hardened-sources-2.4.26-r4.ebuild,
1103 +files/2.4.26-CAN-2004-0415.patch,
1104 -hardened-sources-2.4.26-3:
1105 Version bump, fix for CAN 0415, see bug #59378.
1106
1107 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1108
1109 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1110 +hardened-sources-2.4.26-r3.ebuild,
1111 +files/2.4.26-CAN-2004-0497.patch,
1112 -hardened-sources-2.4.26-r2.ebuild:
1113 Version bump, fixed CAN 0497, see bug #56171.
1114
1115 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1116
1117 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1118 +hardened-sources-2.4.26-r2.ebuild,
1119 +files/2.4.26-CAN-2004-0495.patch,
1120 +files/2.4.26-CAN-2004-0535.patch,
1121 -hardened-sources-2.4.26-r1.ebuild:
1122 Fixes for both CAN 0495 and 0535, see bug #54976
1123
1124 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1125 hardened-sources-2.4.26-r1.ebuild:
1126 QA - fix use invocation
1127
1128 *hardened-sources-2.4.26-r1 (22 June 2004)
1129
1130 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1131 +hardened-sources-2.4.26-r1.ebuild,
1132 +files/2.4.26-CAN-2004-0394.patch,
1133 +files/2.4.26-signal-race.patch,
1134 -hardened-sources-2.4.26.ebuild,
1135 -hardened-sources-2.4.24-r3.ebuild:
1136 Version bump for the CAN-2004-0394 issue and bug #53804
1137 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1138
1139
1140 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1141 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1142 Masked hardened-sources-2.4.26.ebuild broken for ppc
1143
1144 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1145 hardened-sources-2.4.24-r3.ebuild:
1146 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1147
1148 *hardened-sources-2.4.26 (29 May 2004)
1149
1150 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1151 +hardened-sources-2.4.26.ebuild:
1152 Updated hardened-sources for the 2.4.26 kernel
1153 Removed broken components, updated almost everything.
1154
1155 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1156
1157 17 Apr 2004; <plasmaroo@gentoo.org>
1158 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1159 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1160 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1161 +hardened-sources-2.4.24-r3.ebuild:
1162 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1163 vulnerabilities. Old revisions removed.
1164
1165 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1166
1167 15 Apr 2004; <plasmaroo@gentoo.org>
1168 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1169 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1170 Version bump for the CAN-2004-0109 issue; bug #47881.
1171
1172 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1173 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1174 Add eutils to inherit.
1175
1176 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1177
1178 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1179 files/hardened-sources-2.4.24.munmap.patch:
1180 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1181
1182 *hardened-sources-2.4.24 (06 Feb 2004)
1183
1184 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1185 hardened-sources-2.4.24.ebuild:
1186 Version bump, updated most of the components.
1187 This release includes the following:
1188
1189 - Hardened security
1190 - Netfilter patch-o-matic 20031219
1191 - FreeSWAN 2.04 & x509 1.4.8
1192 - EVMS 2.2.2
1193 - XFS 1.3.1
1194 - cryptoloop jari
1195 - grsecurity 2.0-rc4
1196 - SELinux
1197 - PaX 200402060000
1198 - PaX Obscurity 200308302223
1199 - Others...
1200
1201 Neither -ck nor systrace are included anymore.
1202
1203 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1204
1205 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1206 hardened-sources-2.4.22-r2.ebuild:
1207 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1208
1209 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1210
1211 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1212 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1213
1214 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1215 hardened-sources-2.4.22-r1.ebuild:
1216 Version bump for the 'do_brk' vulnerability.
1217
1218 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1219 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1220 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1221 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1222 Fix the 'do_brk' vulnerability.
1223
1224 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1225 hardened-sources-2.4.22.ebuild:
1226 - Removed the src_install() portion for SELinux flask
1227 components. These are no longer handled in the kernel
1228 so this code was not necessary.
1229
1230 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1231 New 2.4.22 based hardened-sources thanks to
1232 Phil West <p.west@computer.org>.
1233
1234 These sources include:
1235 - New SELinux API
1236 - Updated CK-base
1237 - Updated GRSec
1238 - Systrace
1239 - SuperFreeS/WAN 1.99.8
1240 - Propolice kernel build support
1241 - EVMS
1242 - Other various security related patches
1243
1244 *hardened-sources-2.4.21 (14 Sep 2003)
1245
1246 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1247 Updated hardened-sources based on the 2.4.21 Linux kernel.
1248 This includes updates to most major components such as:
1249 - ck-base-0306300059
1250 - selinux-2.4-2003071106
1251 - grsecurity-2.0-rc1
1252 - Updated IPTables patch-o-matic
1253 - Updated SuperFreeS/WAN
1254
1255 Thanks to Phil West <pwest@computer.org> for his work in getting this
1256 updated patch set ready for the 2.4.21 based kernel.
1257
1258 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1259 Initial import of hardened-sources-2.4.20-r4. This revision
1260 includes only a few changes, but one of these is an important
1261 security fix. It is recommended all users of hardened-sources
1262 upgrade to this release.
1263
1264 - ioperm bug fix
1265 - fixed compilation failure when building without GRSec
1266
1267 SAL (Secure Auditing for Linux) is NOT included in this revision
1268 due to time constraints, but is planned for inclusion in the near
1269 future.
1270
1271 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1272
1273 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1274 hardened-sources-2.4.20-r3.ebuild:
1275 Add Header...
1276
1277 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1278 hardened-sources-2.4.20-r3.ebuild:
1279 Removed warnings from ebuild. This kernel should be safe to
1280 use at this point.
1281
1282 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1283
1284 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1285 hardened-sources-2.4.20-r3.ebuild:
1286 New revision. Includes the following changes over -r2:
1287
1288 - ck7-base (O(1), preempt, low latency)
1289 - Super FreeS/WAN 1.99.7rc2
1290 - PaX for the LSM/SELinux branch
1291 - GRSecurity 2.0-pre4 (role based access control)
1292 - Systrace 1.3
1293 - EXT3 fixes
1294 - EVMS 2.0.1
1295 - GCC 3.1+ compile optimizations
1296 - ProPolice kernel build support
1297 - Hashing table security fixes
1298
1299 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1300
1301 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1302 Initial import of hardened-sources-r2. This new
1303 ebuild includes many new performance and security
1304 related patches. As in -r1, it will patch in
1305 LSM/SELinux if "selinux" is in USE, otherwise it
1306 will patch in GRSecurity. The following patches
1307 are included in this revision:
1308
1309 - O(1) Scheduler, Low Latency, and Preempt
1310 (pulled from the base CK patch)
1311 - ptrace exploit patch for the LSM kernel
1312 (the GRSec patch already fixes this)
1313 - LSM 2.4-2003040709
1314 - SELinux 2.4-2003040709
1315 - Systrace v1.2
1316 - IPTables patch-o-matic base patches - 20030107
1317 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1318 - Super FreeS/WAN 1.99.6.1
1319 - GRSecurity 1.9.9g
1320 - MPPE
1321 - EXT3 data journal fix
1322 - CIPE 1.5.4
1323
1324 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1325 hardened-sources-2.4.20-r1.ebuild, manifest:
1326 Updated to install flask components correctly for selinux.
1327
1328 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1329 hardened-sources-2.4.20-r1.ebuild:
1330 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1331 is patched in instead. Ptrace patches for selinux have also been added. In
1332 either case, systrace support will be patched in as well.
1333
1334 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1335 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1336 Revision bump for new sources.
1337
1338 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1339 hardened-sources-2.4.20-r1.ebuild:
1340 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1341
1342 *hardened-sources-2.4.20 (30 Mar 2003)
1343
1344 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1345 hardened-sources-2.4.20.ebuild:
1346 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20