/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.221 - (show annotations) (download)
Mon May 5 17:39:56 2008 UTC (6 years, 7 months ago) by solar
Branch: MAIN
Changes since 1.220: +4 -1 lines
- -r11 stable on x86/amd64
(Portage version: 2.1.3.19)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.220 2008/05/01 22:16:54 solar Exp $
4
5 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
6 - -r11 stable on x86/amd64
7
8 *hardened-sources-2.6.23-r11 (01 May 2008)
9
10 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
11 - version bump to fix ulgy linux bugs
12
13 *hardened-sources-2.6.24-r1 (30 Apr 2008)
14
15 30 Apr 2008; Christian Heim <phreak@gentoo.org>
16 +hardened-sources-2.6.24-r1.ebuild:
17 Revision bump (thanks to Kerin and Gordon, again), pulling
18 genpatches-2.6.24-7, solving #219089. Additionally contains further security
19 fixes plus some minor updates.
20
21 *hardened-sources-2.6.23-r10 (30 Apr 2008)
22
23 30 Apr 2008; Christian Heim <phreak@gentoo.org>
24 +hardened-sources-2.6.23-r10.ebuild:
25 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
26 Additional contains "various other fixes".
27
28 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
29 Update the longdescription in metadata, thanks to Gordon Malm.
30
31 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
32 Stable on ppc wrt bug #213255
33
34 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
35 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
36 - stable on x86/amd64 per request. Removed obsolete ebuilds
37
38 *hardened-sources-2.6.24 (07 Apr 2008)
39
40 07 Apr 2008; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.24.ebuild:
42 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
43 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
44 for the many contributions and their continued effort in #216612) based on
45 2.6.24 and genpatches-2.6.24-5.
46
47 The current ebuild/patchset contains these things:
48 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
49 * Introduces bespoke server and workstation oriented security levels
50 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
51
52 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
53 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
54 maintaining it).
55
56 24 Mar 2008; Christian Heim <phreak@gentoo.org>
57 hardened-sources-2.4.35-r2.ebuild:
58 Fixing SRC_URI for 2.4.35-r2.
59
60 *hardened-sources-2.6.23-r9 (22 Mar 2008)
61
62 22 Mar 2008; Christian Heim <phreak@gentoo.org>
63 +hardened-sources-2.6.23-r9.ebuild:
64 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
65 * Change the default GIDs for some grsecurity options
66 * Revamp the Hardened [Gentoo] security level and make it the default level
67 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
68 * Fix a recursive lock -- call to capable() within ptrace_attach()
69 * Fix bug that allows audit and iscsi operations to be controlled via netlink
70
71 *hardened-sources-2.6.23-r8 (27 Feb 2008)
72
73 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
74 - version bump from Kerin Millar bug 210026
75
76 17 Feb 2008; <solar@gentoo.org> metadata.xml,
77 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
78 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
79 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
80 - stable on x86 and remove old ebuilds
81
82 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
83 - stable on amd64 per request of amd64 lead
84
85 *hardened-sources-2.6.23-r7 (11 Feb 2008)
86
87 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
88 - version bump from kerin.millar
89 Changes:
90
91 * Bump to genpatches-base-2.6.23-9
92 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
93 * Disables COMPAT_VDSO in x86/defconfig
94 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
95
96 25 Jan 2008; Christian Heim <phreak@gentoo.org>
97 -hardened-sources-2.6.22-r8.ebuild:
98 Cleaning up old versions.
99
100 *hardened-sources-2.6.23-r6 (25 Jan 2008)
101
102 25 Jan 2008; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
104 Revision bump, pulling in the latest genpatches.
105
106 *hardened-sources-2.6.23-r5 (24 Dec 2007)
107
108 24 Dec 2007; Christian Heim <phreak@gentoo.org>
109 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
110 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
111 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
112 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
113
114 24 Dec 2007; Christian Heim <phreak@gentoo.org>
115 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
116 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
117 -hardened-sources-2.6.23-r3.ebuild:
118 Cleaning out some unused, old versions.
119
120 24 Dec 2007; Christian Heim <phreak@gentoo.org>
121 hardened-sources-2.6.23-r4.ebuild:
122 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
123 in the tree for long, but there isn't much of a difference between this and
124 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
125
126 *hardened-sources-2.6.23-r4 (23 Dec 2007)
127
128 23 Dec 2007; Christian Heim <phreak@gentoo.org>
129 +hardened-sources-2.6.23-r4.ebuild:
130 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
131
132 *hardened-sources-2.6.23-r3 (04 Dec 2007)
133
134 04 Dec 2007; Christian Heim <phreak@gentoo.org>
135 +hardened-sources-2.6.23-r3.ebuild:
136 Revision bump, pulling in 2.6.23.9.
137
138 *hardened-sources-2.6.23-r2 (25 Nov 2007)
139
140 25 Nov 2007; Christian Heim <phreak@gentoo.org>
141 +hardened-sources-2.6.23-r2.ebuild:
142 Updated patchset, thanks to solar.
143
144 *hardened-sources-2.6.23-r1 (31 Oct 2007)
145
146 31 Oct 2007; Christian Heim <phreak@gentoo.org>
147 +hardened-sources-2.6.23-r1.ebuild:
148 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
149
150 29 Oct 2007; <solar@gentoo.org> metadata.xml:
151 - update metadata.xml
152
153 25 Oct 2007; Christian Heim <phreak@gentoo.org>
154 hardened-sources-2.6.22-r8.ebuild:
155 Marking 2.6.22-r8 stable on amd64 and x86.
156
157 21 Oct 2007; Christian Heim <phreak@gentoo.org>
158 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
159 -hardened-sources-2.6.21-r4.ebuild:
160 Removing old ebuilds.
161
162 *hardened-sources-2.4.35-r2 (21 Oct 2007)
163
164 21 Oct 2007; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.4.35-r2.ebuild:
166 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
167 patches.
168
169 *hardened-sources-2.6.22-r8 (21 Oct 2007)
170
171 21 Oct 2007; Christian Heim <phreak@gentoo.org>
172 +hardened-sources-2.6.22-r8.ebuild:
173 Yet another new patch, hopefully fixing the remaining issues we had w/
174 2.6.22. Candidate for stabling.
175
176 *hardened-sources-2.6.23 (13 Oct 2007)
177
178 13 Oct 2007; Christian Heim <phreak@gentoo.org>
179 +hardened-sources-2.6.23.ebuild:
180 Initial hardened-sources-2.6.23. If people still have problems w/ bug
181 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
182
183 11 Oct 2007; Christian Heim <phreak@gentoo.org>
184 hardened-sources-2.6.20-r10.ebuild:
185 Pulling in yet another new genpatches version, fixing the PWC bug for real.
186
187 04 Oct 2007; Christian Heim <phreak@gentoo.org>
188 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
189 Removing old versions.
190
191 *hardened-sources-2.6.22-r7 (01 Oct 2007)
192
193 01 Oct 2007; Christian Heim <phreak@gentoo.org>
194 +hardened-sources-2.6.22-r7.ebuild:
195 Revision bump, pulling in a newer patch. Should fix #194276.
196
197 30 Sep 2007; Christian Heim <phreak@gentoo.org>
198 hardened-sources-2.6.20-r10.ebuild:
199 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
200 Mike Doty).
201
202 *hardened-sources-2.6.22-r6 (26 Sep 2007)
203
204 26 Sep 2007; Christian Heim <phreak@gentoo.org>
205 +hardened-sources-2.6.22-r6.ebuild:
206 Revision bump, grabbing up till Linux 2.6.22.9.
207
208 24 Sep 2007; Christian Heim <phreak@gentoo.org>
209 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
210 Cleaning up further.
211
212 *hardened-sources-2.6.20-r10 (24 Sep 2007)
213
214 24 Sep 2007; Christian Heim <phreak@gentoo.org>
215 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
216 +hardened-sources-2.6.20-r10.ebuild:
217 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
218 revisions.
219
220 *hardened-sources-2.6.22-r5 (22 Sep 2007)
221
222 22 Sep 2007; Christian Heim <phreak@gentoo.org>
223 +hardened-sources-2.6.22-r5.ebuild:
224 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
225
226 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
227 Removing johnm from metadata.xml (see #186467 for reference).
228
229 *hardened-sources-2.6.22-r4 (17 Sep 2007)
230
231 17 Sep 2007; Christian Heim <phreak@gentoo.org>
232 +hardened-sources-2.6.22-r4.ebuild:
233 Revision bump, hopefully fixing all those weird PAX failures.
234
235 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
236 Updating the metadata.xml.
237
238 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
239 Removing tocharian from metadata due to his retirement (see #71718 for
240 reference).
241
242 *hardened-sources-2.6.20-r9 (30 Aug 2007)
243
244 30 Aug 2007; Christian Heim <phreak@gentoo.org>
245 +hardened-sources-2.6.20-r9.ebuild:
246 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
247
248 29 Aug 2007; Christian Heim <phreak@gentoo.org>
249 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
250 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
251 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
252 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
253 -hardened-sources-2.6.22-r2.ebuild:
254 Removing some redundant versions.
255
256 *hardened-sources-2.4.35-r1 (29 Aug 2007)
257
258 29 Aug 2007; Christian Heim <phreak@gentoo.org>
259 +hardened-sources-2.4.35-r1.ebuild:
260 Revision bump, new grsecurity patch.
261
262 *hardened-sources-2.6.20-r8 (26 Aug 2007)
263
264 26 Aug 2007; Christian Heim <phreak@gentoo.org>
265 +hardened-sources-2.6.20-r8.ebuild:
266 Revision bump for Linux 2.6.20.17.
267
268 *hardened-sources-2.6.22-r3 (22 Aug 2007)
269
270 22 Aug 2007; Christian Heim <phreak@gentoo.org>
271 +hardened-sources-2.6.22-r3.ebuild:
272 Revision bump for Linux 2.6.22.4.
273
274 16 Aug 2007; Christian Heim <phreak@gentoo.org>
275 hardened-sources-2.6.22-r2.ebuild:
276 Updated patchset, to fix the alignment against 2.6.22.3.
277
278 *hardened-sources-2.6.22-r2 (16 Aug 2007)
279
280 16 Aug 2007; Christian Heim <phreak@gentoo.org>
281 +hardened-sources-2.6.22-r2.ebuild:
282 Revision bump for Linux 2.6.22.3.
283
284 *hardened-sources-2.4.35 (16 Aug 2007)
285
286 16 Aug 2007; Christian Heim <phreak@gentoo.org>
287 +hardened-sources-2.4.35.ebuild:
288 Version bump, initial version for Linux 2.4.35.
289
290 *hardened-sources-2.6.21-r4 (16 Aug 2007)
291
292 16 Aug 2007; Christian Heim <phreak@gentoo.org>
293 +hardened-sources-2.6.21-r4.ebuild:
294 Revision bump for Linux 2.6.21.6.
295
296 *hardened-sources-2.6.20-r7 (16 Aug 2007)
297
298 16 Aug 2007; Christian Heim <phreak@gentoo.org>
299 +hardened-sources-2.6.20-r7.ebuild:
300 Revision bump for Linux 2.6.20.16.
301
302 *hardened-sources-2.6.22-r1 (13 Aug 2007)
303
304 13 Aug 2007; Christian Heim <phreak@gentoo.org>
305 +hardened-sources-2.6.22-r1.ebuild:
306 Yet another revision bump.
307
308 *hardened-sources-2.6.22 (10 Aug 2007)
309
310 10 Aug 2007; Christian Heim <phreak@gentoo.org>
311 +hardened-sources-2.6.22.ebuild:
312 Initial release for 2.6.22. If you are using hardened-sources on a desktop
313 machine (P4 or newer), be aware you might need to disable
314 CONFIG_PAX_PAGEEXEC.
315
316 04 Aug 2007; Christian Heim <phreak@gentoo.org>
317 hardened-sources-2.6.20-r6.ebuild:
318 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
319 2.6.20.15.
320
321 10 Jul 2007; Christian Heim <phreak@gentoo.org>
322 hardened-sources-2.6.20-r5.ebuild:
323 Marking hardened-sources-2.6.20-r5 stable on ppc.
324
325 10 Jul 2007; Christian Heim <phreak@gentoo.org>
326 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
327 Cleanup.
328
329 *hardened-sources-2.6.20-r6 (08 Jul 2007)
330
331 08 Jul 2007; Christian Heim <phreak@gentoo.org>
332 +hardened-sources-2.6.20-r6.ebuild:
333 Revision bump, grabbing yet another stable release.
334
335 17 Jun 2007; Christian Heim <phreak@gentoo.org>
336 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
337 -hardened-sources-2.6.21-r2.ebuild:
338 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
339 alpha stable KEYWORD by mistake.
340
341 17 Jun 2007; Christian Heim <phreak@gentoo.org>
342 hardened-sources-2.6.20-r5.ebuild:
343 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
344 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
345
346 *hardened-sources-2.6.21-r3 (12 Jun 2007)
347
348 12 Jun 2007; Christian Heim <phreak@gentoo.org>
349 +hardened-sources-2.6.21-r3.ebuild:
350 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
351 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
352 love.
353
354 *hardened-sources-2.6.20-r5 (11 Jun 2007)
355
356 11 Jun 2007; Christian Heim <phreak@gentoo.org>
357 +hardened-sources-2.6.20-r5.ebuild:
358 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
359 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
360 love.
361
362 *hardened-sources-2.4.34.5 (11 Jun 2007)
363
364 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
365 +hardened-sources-2.4.34.5.ebuild:
366 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
367
368 30 May 2007; Christian Heim <phreak@gentoo.org>
369 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
370 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
371 stale ebuild(s).
372
373 30 May 2007; Christian Heim <phreak@gentoo.org>
374 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
375 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
376 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
377 Doing some cleanups, remove stale ebuilds.
378
379 26 May 2007; Christian Heim <phreak@gentoo.org>
380 hardened-sources-2.6.21-r2.ebuild:
381 Fixing the grsecurity patch, had one '};' too much.
382
383 *hardened-sources-2.6.21-r2 (26 May 2007)
384
385 26 May 2007; Christian Heim <phreak@gentoo.org>
386 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
387 +hardened-sources-2.6.21-r2.ebuild:
388 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
389 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
390
391 *hardened-sources-2.6.20-r4 (26 May 2007)
392
393 26 May 2007; Christian Heim <phreak@gentoo.org>
394 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
395 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
396 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
397
398 15 May 2007; Christian Heim <phreak@gentoo.org>
399 hardened-sources-2.6.20-r3.ebuild:
400 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
401 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
402 grsecurity patch fail in that exact same hunk.
403
404 *hardened-sources-2.6.20-r3 (15 May 2007)
405
406 15 May 2007; Christian Heim <phreak@gentoo.org>
407 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
408 Revision bump, incorporating Linux 2.6.20.11.
409
410 *hardened-sources-2.6.21-r1 (11 May 2007)
411
412 11 May 2007; Christian Heim <phreak@gentoo.org>
413 +hardened-sources-2.6.21-r1.ebuild:
414 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
415 mentioned in #177234.
416
417 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
418 files/digest-hardened-sources-2.6.21, Manifest:
419 Fix Manifest/digest for linux-2.6.21.tar.bz2
420
421 06 May 2007; Christian Heim <phreak@gentoo.org>
422 hardened-sources-2.6.21.ebuild:
423 Bumping the hardened-patches version, needed for the fix for #177234.
424
425 *hardened-sources-2.6.21 (02 May 2007)
426
427 02 May 2007; Christian Heim <phreak@gentoo.org>
428 +hardened-sources-2.6.21.ebuild:
429 Version bump, Linux 2.6.21-hardened.
430
431 29 Apr 2007; Christian Heim <phreak@gentoo.org>
432 hardened-sources-2.6.20-r2.ebuild:
433 Adding ~ia64 on Ned's request.
434
435 29 Apr 2007; Christian Heim <phreak@gentoo.org>
436 hardened-sources-2.6.20-r2.ebuild:
437 Fixing the included grsecurity patch, wasn't alligning due to the Index:
438 header line(s).
439
440 29 Apr 2007; Christian Heim <phreak@gentoo.org>
441 hardened-sources-2.6.20-r2.ebuild:
442 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
443
444 *hardened-sources-2.6.20-r2 (10 Apr 2007)
445
446 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
447 +hardened-sources-2.6.20-r2.ebuild:
448 Version bump, on behalf of phreak
449
450 *hardened-sources-2.6.20-r1 (04 Apr 2007)
451
452 04 Apr 2007; Christian Heim <phreak@gentoo.org>
453 +hardened-sources-2.6.20-r1.ebuild:
454 Revision bump, grabbing a newer grsecurity snapshot.
455
456 *hardened-sources-2.6.20 (25 Mar 2007)
457
458 25 Mar 2007; Christian Heim <phreak@gentoo.org>
459 +hardened-sources-2.6.20.ebuild:
460 Finally a hardened-sources version for 2.6.20; many people have been waiting
461 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
462 testbox.
463
464 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
465 hardened-sources-2.6.18-r6.ebuild:
466 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
467
468 *hardened-sources-2.6.18-r6 (16 Mar 2007)
469
470 16 Mar 2007; Christian Heim <phreak@gentoo.org>
471 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
472 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
473 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
474 supposed to be.
475
476 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
477 Fixing the Manifest, the previous one was broken (as in still had the
478 deleted ebuild in it).
479
480 06 Mar 2007; Christian Heim <phreak@gentoo.org>
481 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
482 +hardened-sources-2.6.18-r5.ebuild:
483 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
484 Linux 2.6.18.8. Also cleaning up the older version.
485
486 *hardened-sources-2.6.18-r5 (06 Mar 2007)
487
488 06 Mar 2007; Christian Heim <phreak@gentoo.org>
489 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
490 +hardened-sources-2.6.18-r5.ebuild:
491 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
492 Linux 2.6.18.8. Also cleaning up the older version.
493
494 24 Feb 2007; Christian Heim <phreak@gentoo.org>
495 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
496 -hardened-sources-2.6.19-r5.ebuild:
497 Removing some of the old version, that didn't work.
498
499 *hardened-sources-2.6.19-r6 (12 Feb 2007)
500
501 12 Feb 2007; Christian Heim <phreak@gentoo.org>
502 +hardened-sources-2.6.19-r6.ebuild:
503 Revision bump, including a new grsec version fixing #166235.
504
505 *hardened-sources-2.4.34 (24 Jan 2007)
506
507 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
508 Manifest:
509 updating Manifest with checksums of new tarball and ebuild
510
511 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
512 +hardened-sources-2.4.34.ebuild:
513 I added new hardened sources 2.4 update, this is a critical path
514 security bugfix - all users of h-s are strongly advised
515 to update their existing hardened sources to this version.
516 It contains a fix for a kernel vulnerability that is pertaining
517 to the PaX changes to virtual memory management, possibly leading
518 to a local kernel exploit ... see grsecurity.net forums and homepage
519
520 23 Jan 2007; Christian Heim <phreak@gentoo.org>
521 files/digest-hardened-sources-2.6.19-r5, Manifest:
522 Fixing the patch-tarball digest.
523
524 *hardened-sources-2.6.19-r5 (23 Jan 2007)
525
526 23 Jan 2007; Christian Heim <phreak@gentoo.org>
527 +hardened-sources-2.6.19-r5.ebuild:
528 Revision bump, closing the recently discovered PaX expand_stack()
529 vulnerability.
530
531 *hardened-sources-2.6.19-r4 (14 Jan 2007)
532
533 14 Jan 2007; Christian Heim <phreak@gentoo.org>
534 +hardened-sources-2.6.19-r4.ebuild:
535 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
536 dropping the randomized PID feature.
537
538 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
539 hardened-sources-2.4.33.4.ebuild:
540 stable x86, bug #161171
541
542 *hardened-sources-2.6.19-r3 (27 Dec 2006)
543
544 27 Dec 2006; Christian Heim <phreak@gentoo.org>
545 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
546 Revision bump for bug #157186 and #158786.
547
548 *hardened-sources-2.6.18-r4 (27 Dec 2006)
549
550 27 Dec 2006; Christian Heim <phreak@gentoo.org>
551 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
552 Revision bump for bug #157186.
553
554 *hardened-sources-2.6.19-r2 (23 Dec 2006)
555
556 23 Dec 2006; Christian Heim <phreak@gentoo.org>
557 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
558 Revision bump to pull in genpatches-2.6.19-3 for #157186.
559
560 17 Dec 2006; Christian Heim <phreak@gentoo.org>
561 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
562 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
563 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
564 hardened-sources-2.6.19-r1.ebuild:
565 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
566 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
567
568 *hardened-sources-2.4.33.4 (17 Dec 2006)
569
570 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
571 +hardened-sources-2.4.33.4.ebuild:
572 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
573 and quilting
574
575 *hardened-sources-2.6.19-r1 (14 Dec 2006)
576
577 14 Dec 2006; Christian Heim <phreak@gentoo.org>
578 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
579 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
580 for reporting).
581
582 *hardened-sources-2.6.19 (13 Dec 2006)
583
584 13 Dec 2006; Christian Heim <phreak@gentoo.org>
585 +hardened-sources-2.6.19.ebuild:
586 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
587 Brad for providing that prompt update.
588
589 *hardened-sources-2.6.18-r3 (13 Dec 2006)
590
591 13 Dec 2006; Christian Heim <phreak@gentoo.org>
592 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
593 +hardened-sources-2.6.18-r3.ebuild:
594 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
595 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
596
597 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
598 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
599
600 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
601 Stable on ppc wrt bug 157356
602
603 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
604 hardened-sources-2.6.18.ebuild:
605 stable x86, bug #157356
606
607 *hardened-sources-2.6.18-r2 (06 Dec 2006)
608
609 06 Dec 2006; Christian Heim <phreak@gentoo.org>
610 +hardened-sources-2.6.18-r2.ebuild:
611 Revision bump, including 2.6.18.5 (via genpatches) and
612 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
613 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
614 redesign.
615
616 06 Dec 2006; Christian Heim <phreak@gentoo.org>
617 hardened-sources-2.6.18.ebuild:
618 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
619 of Mike Doty).
620
621 *hardened-sources-2.6.18-r1 (23 Nov 2006)
622
623 23 Nov 2006; Christian Heim <phreak@gentoo.org>
624 +hardened-sources-2.6.18-r1.ebuild:
625 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
626
627 *hardened-sources-2.6.18 (11 Nov 2006)
628
629 11 Nov 2006; Christian Heim <phreak@gentoo.org>
630 +hardened-sources-2.6.18.ebuild:
631 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
632
633 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
634 - mark amd64 stable also. bug #151877
635
636 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
637 - mark 2.6.17-r1 stable
638
639 27 Aug 2006; Christian Heim <phreak@gentoo.org>
640 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
641 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
642
643 *hardened-sources-2.6.17-r1 (26 Aug 2006)
644
645 26 Aug 2006; Christian Heim <phreak@gentoo.org>
646 +hardened-sources-2.6.17-r1.ebuild:
647 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
648 grsecurity patch.
649
650 *hardened-sources-2.6.17 (17 Aug 2006)
651
652 17 Aug 2006; Christian Heim <phreak@gentoo.org>
653 +hardened-sources-2.6.17.ebuild:
654 Bumping the hardened-sources-2.6 series to 2.6.17, using
655 genpatches-2.6.17-6.base.
656
657 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
658 - stable on x86 and amd64
659
660 *hardened-sources-2.6.16-r11 (15 Jul 2006)
661
662 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
663 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
664 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
665 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
666 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
667 crusty ebuilds
668
669 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
670 hardened-sources-2.6.16-r10.ebuild:
671 marking stable on x86 and amd64
672
673 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
674 - 2.4.32-r6 stable on x86. RSBAC state unknown
675
676 *hardened-sources-2.4.32-r7 (10 Jul 2006)
677
678 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
679 +hardened-sources-2.4.32-r7.ebuild:
680 Bump PaX for RSBAC to test-17
681
682 *hardened-sources-2.6.16-r9 (03 Jul 2006)
683
684 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
685 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
686 hardened-sources-2.6.16 bump to latest -base.
687
688 *hardened-sources-2.4.32-r6 (30 Jun 2006)
689
690 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
691 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
692 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
693 sysctl controlable resource logging
694
695 *hardened-sources-2.6.16-r7 (05 Jun 2006)
696
697 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
698 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
699 push new 2.6.16 release in preparation for stable
700
701 22 May 2006; <solar@gentoo.org> :
702 - redigest bug 134002
703
704 *hardened-sources-2.4.32-r5 (16 May 2006)
705
706 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
707 +hardened-sources-2.4.32-r5.ebuild:
708 Fixes rsbac common patching (new patch in new -r5 patchset)
709
710 *hardened-sources-2.4.32-r4 (13 May 2006)
711
712 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
713 +hardened-sources-2.4.32-r4.ebuild:
714 - security bumps
715
716 *hardened-sources-2.6.16-r6 (03 May 2006)
717
718 03 May 2006; John Mylchreest <johnm@gentoo.org>
719 +hardened-sources-2.6.16-r6.ebuild:
720 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
721
722 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
723 hardened-sources-2.6.14-r8.ebuild:
724 fix x86_64 build problem, this will delay the digest issue again for a short
725 while but it will sort itself out
726
727 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
728 hardened-sources-2.6.14-r8.ebuild:
729 bump hardened patchset
730
731 27 Apr 2006; Alec Warner <antarus@gentoo.org>
732 files/digest-hardened-sources-2.4.32-r2,
733 files/digest-hardened-sources-2.4.32-r3,
734 files/digest-hardened-sources-2.6.14-r8, Manifest:
735 Fixing duff SHA256 digests: Bug # 131293
736
737 *hardened-sources-2.6.16-r5 (27 Apr 2006)
738
739 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
740 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
741 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
742 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
743 cleanup of old uneccessary sources
744
745 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
746 fix digest
747
748 *hardened-sources-2.6.14-r8 (20 Apr 2006)
749
750 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
751 +hardened-sources-2.6.14-r8.ebuild:
752 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
753
754 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
755 Turning on gpg-signing again, and recomitting
756
757 *hardened-sources-2.6.16-r4 (20 Apr 2006)
758
759 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
760 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
761 +hardened-sources-2.6.16-r4.ebuild:
762 Fix numerous security vulns
763
764 *hardened-sources-2.4.32-r3 (16 Apr 2006)
765
766 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
767 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
768 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
769 - security bump for bug #112791. Removed old ebuilds
770
771 *hardened-sources-2.6.16-r3 (15 Apr 2006)
772
773 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
774 +hardened-sources-2.6.16-r3.ebuild:
775 Removing silly localversion which I missed
776
777 *hardened-sources-2.6.14-r7 (14 Apr 2006)
778
779 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
780 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
781 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
782
783 *hardened-sources-2.6.16-r2 (13 Apr 2006)
784
785 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
786 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
787 +hardened-sources-2.6.16-r2.ebuild:
788 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
789 labels, dropping USERGROUP define fixes, since these were merged mainstream.
790
791 *hardened-sources-2.6.16-r1 (11 Apr 2006)
792
793 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
794 +hardened-sources-2.6.16-r1.ebuild:
795 Bumping to include ppc build fix and 2.6.16.3
796
797 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
798 hardened-sources-2.6.14-r6.ebuild:
799 Stable on x86; bug #127718
800
801 *hardened-sources-2.6.16 (31 Mar 2006)
802
803 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
804 +hardened-sources-2.6.16.ebuild:
805 Bumping to new version of grsec, and kernel base. New squashfs. Based on
806 2.6.16.1
807
808 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
809 hardened-sources-2.6.14-r6.ebuild:
810 Stable on amd64, bug 127718.
811
812 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
813 Stable on ppc. Bug #127718
814
815 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
816 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
817 -hardened-sources-2.6.14-r4.ebuild:
818 Cleanup.
819
820 *hardened-sources-2.6.14-r6 (15 Mar 2006)
821
822 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
823 +hardened-sources-2.6.14-r6.ebuild:
824 Fixes grsec policy recreation bug and adds a
825 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
826
827 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
828 - stable on x86
829
830 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
831 hardened-sources-2.6.14-r5.ebuild:
832 Stable on ppc.
833
834 *hardened-sources-2.6.14-r5 (01 Feb 2006)
835
836 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
837 +hardened-sources-2.6.14-r5.ebuild:
838 fixing every known exploit
839
840 *hardened-sources-2.4.32-r2 (26 Jan 2006)
841
842 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
843 +hardened-sources-2.4.32-r2.ebuild:
844 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
845
846 *hardened-sources-2.6.14-r4 (12 Jan 2006)
847
848 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
849 - version bump for new genpatches which fix up a few sec holes
850
851 *hardened-sources-2.4.32-r1 (05 Jan 2006)
852
853 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
854 - revision bump to add misc vital linux kernel security patches.
855
856 *hardened-sources-2.6.14-r3 (30 Dec 2005)
857
858 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
859 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
860 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
861
862 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
863 hardened-sources-2.6.14-r2.ebuild:
864 making x86 & amd64 stable following testing.
865
866 *hardened-sources-2.6.14-r2 (27 Dec 2005)
867
868 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
869 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
870 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
871 network hooks.
872
873 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
874 hardened-sources-2.6.14-r1.ebuild:
875 bumping to stable early for sec fix on x86 & amd64
876
877 *hardened-sources-2.6.14-r1 (05 Dec 2005)
878
879 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
880 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
881 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
882
883 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
884 - stable on x86 security bug #114227 CAN-2005-3257
885
886 *hardened-sources-2.4.32 (19 Nov 2005)
887
888 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
889 +hardened-sources-2.4.32.ebuild:
890 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
891 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
892 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
893 rsbac >> /etc/portage/package.use)
894
895 *hardened-sources-2.6.14 (14 Nov 2005)
896
897 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
898 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
899 Bumping 2.6 series to 2.6.14.2
900
901 *hardened-sources-2.6.13-r2 (20 Oct 2005)
902
903 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
904 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
905 +hardened-sources-2.6.13-r2.ebuild:
906 Fixes minor build error in ppc.
907
908 *hardened-sources-2.6.13-r1 (17 Oct 2005)
909
910 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
911 +hardened-sources-2.6.13-r1.ebuild:
912 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
913 2.6.13.4, fixes some major amd64 stability problems.
914
915 *hardened-sources-2.6.13 (16 Sep 2005)
916
917 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
918 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
919 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
920 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
921 users should test this thoroughly.
922
923 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
924 - stable on x86
925
926 *hardened-sources-2.6.11-r15 (27 Jun 2005)
927
928 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
929 +hardened-sources-2.6.11-r15.ebuild:
930 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
931 grsec redefining curr_ip struct.
932
933 *hardened-sources-2.4.31 (20 Jun 2005)
934
935 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
936 initial import of 2.4.31 tree
937
938 *hardened-sources-2.6.11-r14 (14 Jun 2005)
939
940 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
941 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
942 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
943 naming scheme to abide by genpatches
944
945 *hardened-sources-2.6.11-r13 (18 May 2005)
946
947 18 May 2005; John Mylchreest <johnm@gentoo.org>
948 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
949 Managed to mangle the Makefile patch from grsec, to miss out the grsec
950 target. sorry about that. Fixes bug #93022
951
952 *hardened-sources-2.6.11-r12 (17 May 2005)
953
954 17 May 2005; John Mylchreest <johnm@gentoo.org>
955 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
956 +hardened-sources-2.6.11-r12.ebuild:
957 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
958 merges in genpatches-base
959
960 *hardened-sources-2.6.11-r12 (17 May 2005)
961
962 17 May 2005; John Mylchreest <johnm@gentoo.org>
963 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
964 +hardened-sources-2.6.11-r12.ebuild:
965 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
966 merges in genpatches-base
967
968 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
969 -files/2.4.27-cmdline-race.patch,
970 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
971 -files/2.4.28-grsec-binfmt_a.out.patch,
972 -files/2.4.28-grsec-cmdline-race.patch,
973 -files/2.4.28-selinux-binfmt_a.out.patch,
974 -files/2.4.28-selinux-cmdline-race.patch,
975 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
976 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
977 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
978 cleanup..
979
980 *hardened-sources-2.4.30-r1 (21 Apr 2005)
981
982 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
983 - disable aout by default
984
985 *hardened-sources-2.4.30 (18 Apr 2005)
986
987 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
988 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
989 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
990 use
991
992 *hardened-sources-2.4.29 (30 Mar 2005)
993
994 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
995 +hardened-sources-2.4.29.ebuild:
996 New hardened-patches-2.4-29.0 patchball.
997 Removed SELinux support, upgraded GRSecurity to 2.1.4.
998
999 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1000
1001 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1002 +hardened-sources-2.4.28-r5.ebuild:
1003 Added a fix for a PaX vulnerability.
1004
1005 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1006 hardened-sources-2.4.28-r4.ebuild:
1007 Stable on x86
1008
1009 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1010 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1011 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1012 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1013 - fixed/added RDEPEND= in all kernel-2 ebuilds
1014
1015 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1016
1017 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1018 +hardened-sources-2.4.28-r4.ebuild:
1019 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1020 backport of neighbour hash updates.
1021
1022 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1023 hardened-sources-2.4.28-r3.ebuild:
1024 Stable on x86
1025
1026 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1027
1028 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1029 +hardened-sources-2.6.10-r3.ebuild:
1030 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1031 in 2005.0
1032
1033 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1034 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1035 hardened-sources-2.4.28-r2.ebuild:
1036 Mark stable on x86
1037
1038 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1039
1040 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1041 +hardened-sources-2.4.28-r3.ebuild:
1042 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1043
1044 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1045 hardened-sources-2.4.28.ebuild:
1046 Mark stable on x86.
1047
1048 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1049
1050 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1051 +hardened-sources-2.4.28-r2.ebuild:
1052 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1053 Mazinger for grsecurity patches as well.
1054
1055 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1056
1057 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1058 Security bump. Thank tocharian for rolling a new patchset...
1059
1060 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1061 +files/2.4.28-grsec-cmdline-race.patch,
1062 +files/2.4.28-selinux-binfmt_a.out.patch,
1063 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1064 - Round up remaining security patches that appear to be missing in 2.4.28. -
1065 PaX standalone updated to current. hgpv=28.1
1066
1067 *hardened-sources-2.4.28 (28 Nov 2004)
1068
1069 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1070 security bump. Thank tocharian for rolling a new patchset
1071
1072 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1073
1074 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1075 +hardened-sources-2.4.27-r3.ebuild:
1076 Applies the new 2.4-27.2 patchball which updates
1077 GRSecurity to the 2.0.1 version.
1078
1079 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1080
1081 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1082 +hardened-sources-2.4.27-r2.ebuild:
1083 Version bump.
1084 This version uses the new 2.4-27.1 patchball which updates
1085 both the SELinux PaX hooks patch and the SELinux headers.
1086
1087 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1088
1089 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1090 +hardened-sources-2.4.27-r1.ebuild,
1091 -hardened-sources-2.4.27.ebuild,
1092 +files/2.4.27-cmdline-race.patch:
1093 Version bump, fix for cmdline race. See bug #59905.
1094
1095 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1096
1097 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1098 +hardened-sources-2.4.26-r6.ebuild,
1099 -hardened-sources-2.4.26-r5.ebuild,
1100 -hardened-sources-2.4.26-r4.ebuild,
1101 +files/2.4.26-cmdline-race.patch:
1102 Version bump, fix for cmdline race. See bug #59905.
1103
1104 *hardened-sources-2.4.27 (08 Aug 2004)
1105
1106 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1107 +hardened-sources-2.4.27.ebuild,
1108 +files/2.4.27-CAN-2004-0394.patch:
1109 Ported the patchball to the 2.4.27 kernel version.
1110
1111 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1112
1113 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1114 +hardened-sources-2.4.26-r5.ebuild:
1115 Updated to use the new hardened-patches-2.4-26.1 patchball.
1116 It adds the following features:
1117 - Squashfs
1118 - Ebtables
1119 - Netdev random (core+drivers)
1120 - Watchdog Timer (WDT) fix.
1121
1122 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1123
1124 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1125 +hardened-sources-2.4.26-r4.ebuild,
1126 +files/2.4.26-CAN-2004-0415.patch,
1127 -hardened-sources-2.4.26-3:
1128 Version bump, fix for CAN 0415, see bug #59378.
1129
1130 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1131
1132 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1133 +hardened-sources-2.4.26-r3.ebuild,
1134 +files/2.4.26-CAN-2004-0497.patch,
1135 -hardened-sources-2.4.26-r2.ebuild:
1136 Version bump, fixed CAN 0497, see bug #56171.
1137
1138 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1139
1140 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1141 +hardened-sources-2.4.26-r2.ebuild,
1142 +files/2.4.26-CAN-2004-0495.patch,
1143 +files/2.4.26-CAN-2004-0535.patch,
1144 -hardened-sources-2.4.26-r1.ebuild:
1145 Fixes for both CAN 0495 and 0535, see bug #54976
1146
1147 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1148 hardened-sources-2.4.26-r1.ebuild:
1149 QA - fix use invocation
1150
1151 *hardened-sources-2.4.26-r1 (22 June 2004)
1152
1153 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1154 +hardened-sources-2.4.26-r1.ebuild,
1155 +files/2.4.26-CAN-2004-0394.patch,
1156 +files/2.4.26-signal-race.patch,
1157 -hardened-sources-2.4.26.ebuild,
1158 -hardened-sources-2.4.24-r3.ebuild:
1159 Version bump for the CAN-2004-0394 issue and bug #53804
1160 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1161
1162
1163 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1164 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1165 Masked hardened-sources-2.4.26.ebuild broken for ppc
1166
1167 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1168 hardened-sources-2.4.24-r3.ebuild:
1169 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1170
1171 *hardened-sources-2.4.26 (29 May 2004)
1172
1173 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1174 +hardened-sources-2.4.26.ebuild:
1175 Updated hardened-sources for the 2.4.26 kernel
1176 Removed broken components, updated almost everything.
1177
1178 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1179
1180 17 Apr 2004; <plasmaroo@gentoo.org>
1181 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1182 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1183 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1184 +hardened-sources-2.4.24-r3.ebuild:
1185 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1186 vulnerabilities. Old revisions removed.
1187
1188 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1189
1190 15 Apr 2004; <plasmaroo@gentoo.org>
1191 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1192 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1193 Version bump for the CAN-2004-0109 issue; bug #47881.
1194
1195 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1196 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1197 Add eutils to inherit.
1198
1199 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1200
1201 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1202 files/hardened-sources-2.4.24.munmap.patch:
1203 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1204
1205 *hardened-sources-2.4.24 (06 Feb 2004)
1206
1207 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1208 hardened-sources-2.4.24.ebuild:
1209 Version bump, updated most of the components.
1210 This release includes the following:
1211
1212 - Hardened security
1213 - Netfilter patch-o-matic 20031219
1214 - FreeSWAN 2.04 & x509 1.4.8
1215 - EVMS 2.2.2
1216 - XFS 1.3.1
1217 - cryptoloop jari
1218 - grsecurity 2.0-rc4
1219 - SELinux
1220 - PaX 200402060000
1221 - PaX Obscurity 200308302223
1222 - Others...
1223
1224 Neither -ck nor systrace are included anymore.
1225
1226 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1227
1228 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1229 hardened-sources-2.4.22-r2.ebuild:
1230 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1231
1232 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1233
1234 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1235 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1236
1237 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1238 hardened-sources-2.4.22-r1.ebuild:
1239 Version bump for the 'do_brk' vulnerability.
1240
1241 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1242 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1243 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1244 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1245 Fix the 'do_brk' vulnerability.
1246
1247 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1248 hardened-sources-2.4.22.ebuild:
1249 - Removed the src_install() portion for SELinux flask
1250 components. These are no longer handled in the kernel
1251 so this code was not necessary.
1252
1253 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1254 New 2.4.22 based hardened-sources thanks to
1255 Phil West <p.west@computer.org>.
1256
1257 These sources include:
1258 - New SELinux API
1259 - Updated CK-base
1260 - Updated GRSec
1261 - Systrace
1262 - SuperFreeS/WAN 1.99.8
1263 - Propolice kernel build support
1264 - EVMS
1265 - Other various security related patches
1266
1267 *hardened-sources-2.4.21 (14 Sep 2003)
1268
1269 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1270 Updated hardened-sources based on the 2.4.21 Linux kernel.
1271 This includes updates to most major components such as:
1272 - ck-base-0306300059
1273 - selinux-2.4-2003071106
1274 - grsecurity-2.0-rc1
1275 - Updated IPTables patch-o-matic
1276 - Updated SuperFreeS/WAN
1277
1278 Thanks to Phil West <pwest@computer.org> for his work in getting this
1279 updated patch set ready for the 2.4.21 based kernel.
1280
1281 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1282 Initial import of hardened-sources-2.4.20-r4. This revision
1283 includes only a few changes, but one of these is an important
1284 security fix. It is recommended all users of hardened-sources
1285 upgrade to this release.
1286
1287 - ioperm bug fix
1288 - fixed compilation failure when building without GRSec
1289
1290 SAL (Secure Auditing for Linux) is NOT included in this revision
1291 due to time constraints, but is planned for inclusion in the near
1292 future.
1293
1294 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1295
1296 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1297 hardened-sources-2.4.20-r3.ebuild:
1298 Add Header...
1299
1300 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1301 hardened-sources-2.4.20-r3.ebuild:
1302 Removed warnings from ebuild. This kernel should be safe to
1303 use at this point.
1304
1305 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1306
1307 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1308 hardened-sources-2.4.20-r3.ebuild:
1309 New revision. Includes the following changes over -r2:
1310
1311 - ck7-base (O(1), preempt, low latency)
1312 - Super FreeS/WAN 1.99.7rc2
1313 - PaX for the LSM/SELinux branch
1314 - GRSecurity 2.0-pre4 (role based access control)
1315 - Systrace 1.3
1316 - EXT3 fixes
1317 - EVMS 2.0.1
1318 - GCC 3.1+ compile optimizations
1319 - ProPolice kernel build support
1320 - Hashing table security fixes
1321
1322 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1323
1324 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1325 Initial import of hardened-sources-r2. This new
1326 ebuild includes many new performance and security
1327 related patches. As in -r1, it will patch in
1328 LSM/SELinux if "selinux" is in USE, otherwise it
1329 will patch in GRSecurity. The following patches
1330 are included in this revision:
1331
1332 - O(1) Scheduler, Low Latency, and Preempt
1333 (pulled from the base CK patch)
1334 - ptrace exploit patch for the LSM kernel
1335 (the GRSec patch already fixes this)
1336 - LSM 2.4-2003040709
1337 - SELinux 2.4-2003040709
1338 - Systrace v1.2
1339 - IPTables patch-o-matic base patches - 20030107
1340 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1341 - Super FreeS/WAN 1.99.6.1
1342 - GRSecurity 1.9.9g
1343 - MPPE
1344 - EXT3 data journal fix
1345 - CIPE 1.5.4
1346
1347 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1348 hardened-sources-2.4.20-r1.ebuild, manifest:
1349 Updated to install flask components correctly for selinux.
1350
1351 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1352 hardened-sources-2.4.20-r1.ebuild:
1353 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1354 is patched in instead. Ptrace patches for selinux have also been added. In
1355 either case, systrace support will be patched in as well.
1356
1357 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1358 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1359 Revision bump for new sources.
1360
1361 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1362 hardened-sources-2.4.20-r1.ebuild:
1363 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1364
1365 *hardened-sources-2.4.20 (30 Mar 2003)
1366
1367 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1368 hardened-sources-2.4.20.ebuild:
1369 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20