/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.226 - (show annotations) (download)
Tue Jun 17 18:29:37 2008 UTC (6 years, 4 months ago) by solar
Branch: MAIN
Changes since 1.225: +12 -1 lines
2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635, #224647, #225461, other fixes.
2.6.24-r3: Fixes security bugs #212136, #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes.
2.6.25: Initial 2.6.25 release.

(Portage version: 2.1.3.19)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.225 2008/05/15 15:35:54 solar Exp $
4
5 *hardened-sources-2.6.25 (17 Jun 2008)
6 *hardened-sources-2.6.24-r3 (17 Jun 2008)
7 *hardened-sources-2.6.23-r13 (17 Jun 2008)
8
9 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
10 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
11 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
12 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
13 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
14 2.6.25: Initial 2.6.25 release.
15
16 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
17 - fasttrack to stable x86/amd64
18
19 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
20 Fix broken digest for linux-2.6.24.tar.bz2.
21
22 *hardened-sources-2.6.24-r2 (11 May 2008)
23 *hardened-sources-2.6.23-r12 (11 May 2008)
24
25 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
26 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
27 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
28 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
29 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
30 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
31 security bugs 219901, 220691, 220975, 220979, 221123. New
32 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
33 should be removed as far as I'm concerned, everything else remove due to
34 vulnerable to numerous security bugs or brokeness.
35
36 10 May 2008; nixnut <nixnut@gentoo.org>
37 hardened-sources-2.6.23-r11.ebuild:
38 Stable on ppc
39
40 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
41 - -r11 stable on x86/amd64
42
43 *hardened-sources-2.6.23-r11 (01 May 2008)
44
45 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
46 - version bump to fix ulgy linux bugs
47
48 *hardened-sources-2.6.24-r1 (30 Apr 2008)
49
50 30 Apr 2008; Christian Heim <phreak@gentoo.org>
51 +hardened-sources-2.6.24-r1.ebuild:
52 Revision bump (thanks to Kerin and Gordon, again), pulling
53 genpatches-2.6.24-7, solving #219089. Additionally contains further security
54 fixes plus some minor updates.
55
56 *hardened-sources-2.6.23-r10 (30 Apr 2008)
57
58 30 Apr 2008; Christian Heim <phreak@gentoo.org>
59 +hardened-sources-2.6.23-r10.ebuild:
60 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
61 Additional contains "various other fixes".
62
63 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
64 Update the longdescription in metadata, thanks to Gordon Malm.
65
66 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
67 Stable on ppc wrt bug #213255
68
69 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
70 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
71 - stable on x86/amd64 per request. Removed obsolete ebuilds
72
73 *hardened-sources-2.6.24 (07 Apr 2008)
74
75 07 Apr 2008; Christian Heim <phreak@gentoo.org>
76 +hardened-sources-2.6.24.ebuild:
77 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
78 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
79 for the many contributions and their continued effort in #216612) based on
80 2.6.24 and genpatches-2.6.24-5.
81
82 The current ebuild/patchset contains these things:
83 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
84 * Introduces bespoke server and workstation oriented security levels
85 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
86
87 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
88 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
89 maintaining it).
90
91 24 Mar 2008; Christian Heim <phreak@gentoo.org>
92 hardened-sources-2.4.35-r2.ebuild:
93 Fixing SRC_URI for 2.4.35-r2.
94
95 *hardened-sources-2.6.23-r9 (22 Mar 2008)
96
97 22 Mar 2008; Christian Heim <phreak@gentoo.org>
98 +hardened-sources-2.6.23-r9.ebuild:
99 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
100 * Change the default GIDs for some grsecurity options
101 * Revamp the Hardened [Gentoo] security level and make it the default level
102 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
103 * Fix a recursive lock -- call to capable() within ptrace_attach()
104 * Fix bug that allows audit and iscsi operations to be controlled via netlink
105
106 *hardened-sources-2.6.23-r8 (27 Feb 2008)
107
108 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
109 - version bump from Kerin Millar bug 210026
110
111 17 Feb 2008; <solar@gentoo.org> metadata.xml,
112 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
113 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
114 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
115 - stable on x86 and remove old ebuilds
116
117 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
118 - stable on amd64 per request of amd64 lead
119
120 *hardened-sources-2.6.23-r7 (11 Feb 2008)
121
122 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
123 - version bump from kerin.millar
124 Changes:
125
126 * Bump to genpatches-base-2.6.23-9
127 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
128 * Disables COMPAT_VDSO in x86/defconfig
129 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
130
131 25 Jan 2008; Christian Heim <phreak@gentoo.org>
132 -hardened-sources-2.6.22-r8.ebuild:
133 Cleaning up old versions.
134
135 *hardened-sources-2.6.23-r6 (25 Jan 2008)
136
137 25 Jan 2008; Christian Heim <phreak@gentoo.org>
138 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
139 Revision bump, pulling in the latest genpatches.
140
141 *hardened-sources-2.6.23-r5 (24 Dec 2007)
142
143 24 Dec 2007; Christian Heim <phreak@gentoo.org>
144 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
145 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
146 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
147 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
148
149 24 Dec 2007; Christian Heim <phreak@gentoo.org>
150 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
151 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
152 -hardened-sources-2.6.23-r3.ebuild:
153 Cleaning out some unused, old versions.
154
155 24 Dec 2007; Christian Heim <phreak@gentoo.org>
156 hardened-sources-2.6.23-r4.ebuild:
157 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
158 in the tree for long, but there isn't much of a difference between this and
159 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
160
161 *hardened-sources-2.6.23-r4 (23 Dec 2007)
162
163 23 Dec 2007; Christian Heim <phreak@gentoo.org>
164 +hardened-sources-2.6.23-r4.ebuild:
165 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
166
167 *hardened-sources-2.6.23-r3 (04 Dec 2007)
168
169 04 Dec 2007; Christian Heim <phreak@gentoo.org>
170 +hardened-sources-2.6.23-r3.ebuild:
171 Revision bump, pulling in 2.6.23.9.
172
173 *hardened-sources-2.6.23-r2 (25 Nov 2007)
174
175 25 Nov 2007; Christian Heim <phreak@gentoo.org>
176 +hardened-sources-2.6.23-r2.ebuild:
177 Updated patchset, thanks to solar.
178
179 *hardened-sources-2.6.23-r1 (31 Oct 2007)
180
181 31 Oct 2007; Christian Heim <phreak@gentoo.org>
182 +hardened-sources-2.6.23-r1.ebuild:
183 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
184
185 29 Oct 2007; <solar@gentoo.org> metadata.xml:
186 - update metadata.xml
187
188 25 Oct 2007; Christian Heim <phreak@gentoo.org>
189 hardened-sources-2.6.22-r8.ebuild:
190 Marking 2.6.22-r8 stable on amd64 and x86.
191
192 21 Oct 2007; Christian Heim <phreak@gentoo.org>
193 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
194 -hardened-sources-2.6.21-r4.ebuild:
195 Removing old ebuilds.
196
197 *hardened-sources-2.4.35-r2 (21 Oct 2007)
198
199 21 Oct 2007; Christian Heim <phreak@gentoo.org>
200 +hardened-sources-2.4.35-r2.ebuild:
201 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
202 patches.
203
204 *hardened-sources-2.6.22-r8 (21 Oct 2007)
205
206 21 Oct 2007; Christian Heim <phreak@gentoo.org>
207 +hardened-sources-2.6.22-r8.ebuild:
208 Yet another new patch, hopefully fixing the remaining issues we had w/
209 2.6.22. Candidate for stabling.
210
211 *hardened-sources-2.6.23 (13 Oct 2007)
212
213 13 Oct 2007; Christian Heim <phreak@gentoo.org>
214 +hardened-sources-2.6.23.ebuild:
215 Initial hardened-sources-2.6.23. If people still have problems w/ bug
216 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
217
218 11 Oct 2007; Christian Heim <phreak@gentoo.org>
219 hardened-sources-2.6.20-r10.ebuild:
220 Pulling in yet another new genpatches version, fixing the PWC bug for real.
221
222 04 Oct 2007; Christian Heim <phreak@gentoo.org>
223 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
224 Removing old versions.
225
226 *hardened-sources-2.6.22-r7 (01 Oct 2007)
227
228 01 Oct 2007; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.22-r7.ebuild:
230 Revision bump, pulling in a newer patch. Should fix #194276.
231
232 30 Sep 2007; Christian Heim <phreak@gentoo.org>
233 hardened-sources-2.6.20-r10.ebuild:
234 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
235 Mike Doty).
236
237 *hardened-sources-2.6.22-r6 (26 Sep 2007)
238
239 26 Sep 2007; Christian Heim <phreak@gentoo.org>
240 +hardened-sources-2.6.22-r6.ebuild:
241 Revision bump, grabbing up till Linux 2.6.22.9.
242
243 24 Sep 2007; Christian Heim <phreak@gentoo.org>
244 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
245 Cleaning up further.
246
247 *hardened-sources-2.6.20-r10 (24 Sep 2007)
248
249 24 Sep 2007; Christian Heim <phreak@gentoo.org>
250 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
251 +hardened-sources-2.6.20-r10.ebuild:
252 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
253 revisions.
254
255 *hardened-sources-2.6.22-r5 (22 Sep 2007)
256
257 22 Sep 2007; Christian Heim <phreak@gentoo.org>
258 +hardened-sources-2.6.22-r5.ebuild:
259 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
260
261 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
262 Removing johnm from metadata.xml (see #186467 for reference).
263
264 *hardened-sources-2.6.22-r4 (17 Sep 2007)
265
266 17 Sep 2007; Christian Heim <phreak@gentoo.org>
267 +hardened-sources-2.6.22-r4.ebuild:
268 Revision bump, hopefully fixing all those weird PAX failures.
269
270 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
271 Updating the metadata.xml.
272
273 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
274 Removing tocharian from metadata due to his retirement (see #71718 for
275 reference).
276
277 *hardened-sources-2.6.20-r9 (30 Aug 2007)
278
279 30 Aug 2007; Christian Heim <phreak@gentoo.org>
280 +hardened-sources-2.6.20-r9.ebuild:
281 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
282
283 29 Aug 2007; Christian Heim <phreak@gentoo.org>
284 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
285 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
286 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
287 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
288 -hardened-sources-2.6.22-r2.ebuild:
289 Removing some redundant versions.
290
291 *hardened-sources-2.4.35-r1 (29 Aug 2007)
292
293 29 Aug 2007; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.4.35-r1.ebuild:
295 Revision bump, new grsecurity patch.
296
297 *hardened-sources-2.6.20-r8 (26 Aug 2007)
298
299 26 Aug 2007; Christian Heim <phreak@gentoo.org>
300 +hardened-sources-2.6.20-r8.ebuild:
301 Revision bump for Linux 2.6.20.17.
302
303 *hardened-sources-2.6.22-r3 (22 Aug 2007)
304
305 22 Aug 2007; Christian Heim <phreak@gentoo.org>
306 +hardened-sources-2.6.22-r3.ebuild:
307 Revision bump for Linux 2.6.22.4.
308
309 16 Aug 2007; Christian Heim <phreak@gentoo.org>
310 hardened-sources-2.6.22-r2.ebuild:
311 Updated patchset, to fix the alignment against 2.6.22.3.
312
313 *hardened-sources-2.6.22-r2 (16 Aug 2007)
314
315 16 Aug 2007; Christian Heim <phreak@gentoo.org>
316 +hardened-sources-2.6.22-r2.ebuild:
317 Revision bump for Linux 2.6.22.3.
318
319 *hardened-sources-2.4.35 (16 Aug 2007)
320
321 16 Aug 2007; Christian Heim <phreak@gentoo.org>
322 +hardened-sources-2.4.35.ebuild:
323 Version bump, initial version for Linux 2.4.35.
324
325 *hardened-sources-2.6.21-r4 (16 Aug 2007)
326
327 16 Aug 2007; Christian Heim <phreak@gentoo.org>
328 +hardened-sources-2.6.21-r4.ebuild:
329 Revision bump for Linux 2.6.21.6.
330
331 *hardened-sources-2.6.20-r7 (16 Aug 2007)
332
333 16 Aug 2007; Christian Heim <phreak@gentoo.org>
334 +hardened-sources-2.6.20-r7.ebuild:
335 Revision bump for Linux 2.6.20.16.
336
337 *hardened-sources-2.6.22-r1 (13 Aug 2007)
338
339 13 Aug 2007; Christian Heim <phreak@gentoo.org>
340 +hardened-sources-2.6.22-r1.ebuild:
341 Yet another revision bump.
342
343 *hardened-sources-2.6.22 (10 Aug 2007)
344
345 10 Aug 2007; Christian Heim <phreak@gentoo.org>
346 +hardened-sources-2.6.22.ebuild:
347 Initial release for 2.6.22. If you are using hardened-sources on a desktop
348 machine (P4 or newer), be aware you might need to disable
349 CONFIG_PAX_PAGEEXEC.
350
351 04 Aug 2007; Christian Heim <phreak@gentoo.org>
352 hardened-sources-2.6.20-r6.ebuild:
353 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
354 2.6.20.15.
355
356 10 Jul 2007; Christian Heim <phreak@gentoo.org>
357 hardened-sources-2.6.20-r5.ebuild:
358 Marking hardened-sources-2.6.20-r5 stable on ppc.
359
360 10 Jul 2007; Christian Heim <phreak@gentoo.org>
361 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
362 Cleanup.
363
364 *hardened-sources-2.6.20-r6 (08 Jul 2007)
365
366 08 Jul 2007; Christian Heim <phreak@gentoo.org>
367 +hardened-sources-2.6.20-r6.ebuild:
368 Revision bump, grabbing yet another stable release.
369
370 17 Jun 2007; Christian Heim <phreak@gentoo.org>
371 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
372 -hardened-sources-2.6.21-r2.ebuild:
373 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
374 alpha stable KEYWORD by mistake.
375
376 17 Jun 2007; Christian Heim <phreak@gentoo.org>
377 hardened-sources-2.6.20-r5.ebuild:
378 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
379 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
380
381 *hardened-sources-2.6.21-r3 (12 Jun 2007)
382
383 12 Jun 2007; Christian Heim <phreak@gentoo.org>
384 +hardened-sources-2.6.21-r3.ebuild:
385 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
386 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
387 love.
388
389 *hardened-sources-2.6.20-r5 (11 Jun 2007)
390
391 11 Jun 2007; Christian Heim <phreak@gentoo.org>
392 +hardened-sources-2.6.20-r5.ebuild:
393 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
394 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
395 love.
396
397 *hardened-sources-2.4.34.5 (11 Jun 2007)
398
399 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
400 +hardened-sources-2.4.34.5.ebuild:
401 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
402
403 30 May 2007; Christian Heim <phreak@gentoo.org>
404 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
405 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
406 stale ebuild(s).
407
408 30 May 2007; Christian Heim <phreak@gentoo.org>
409 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
410 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
411 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
412 Doing some cleanups, remove stale ebuilds.
413
414 26 May 2007; Christian Heim <phreak@gentoo.org>
415 hardened-sources-2.6.21-r2.ebuild:
416 Fixing the grsecurity patch, had one '};' too much.
417
418 *hardened-sources-2.6.21-r2 (26 May 2007)
419
420 26 May 2007; Christian Heim <phreak@gentoo.org>
421 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
422 +hardened-sources-2.6.21-r2.ebuild:
423 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
424 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
425
426 *hardened-sources-2.6.20-r4 (26 May 2007)
427
428 26 May 2007; Christian Heim <phreak@gentoo.org>
429 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
430 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
431 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
432
433 15 May 2007; Christian Heim <phreak@gentoo.org>
434 hardened-sources-2.6.20-r3.ebuild:
435 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
436 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
437 grsecurity patch fail in that exact same hunk.
438
439 *hardened-sources-2.6.20-r3 (15 May 2007)
440
441 15 May 2007; Christian Heim <phreak@gentoo.org>
442 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
443 Revision bump, incorporating Linux 2.6.20.11.
444
445 *hardened-sources-2.6.21-r1 (11 May 2007)
446
447 11 May 2007; Christian Heim <phreak@gentoo.org>
448 +hardened-sources-2.6.21-r1.ebuild:
449 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
450 mentioned in #177234.
451
452 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
453 files/digest-hardened-sources-2.6.21, Manifest:
454 Fix Manifest/digest for linux-2.6.21.tar.bz2
455
456 06 May 2007; Christian Heim <phreak@gentoo.org>
457 hardened-sources-2.6.21.ebuild:
458 Bumping the hardened-patches version, needed for the fix for #177234.
459
460 *hardened-sources-2.6.21 (02 May 2007)
461
462 02 May 2007; Christian Heim <phreak@gentoo.org>
463 +hardened-sources-2.6.21.ebuild:
464 Version bump, Linux 2.6.21-hardened.
465
466 29 Apr 2007; Christian Heim <phreak@gentoo.org>
467 hardened-sources-2.6.20-r2.ebuild:
468 Adding ~ia64 on Ned's request.
469
470 29 Apr 2007; Christian Heim <phreak@gentoo.org>
471 hardened-sources-2.6.20-r2.ebuild:
472 Fixing the included grsecurity patch, wasn't alligning due to the Index:
473 header line(s).
474
475 29 Apr 2007; Christian Heim <phreak@gentoo.org>
476 hardened-sources-2.6.20-r2.ebuild:
477 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
478
479 *hardened-sources-2.6.20-r2 (10 Apr 2007)
480
481 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
482 +hardened-sources-2.6.20-r2.ebuild:
483 Version bump, on behalf of phreak
484
485 *hardened-sources-2.6.20-r1 (04 Apr 2007)
486
487 04 Apr 2007; Christian Heim <phreak@gentoo.org>
488 +hardened-sources-2.6.20-r1.ebuild:
489 Revision bump, grabbing a newer grsecurity snapshot.
490
491 *hardened-sources-2.6.20 (25 Mar 2007)
492
493 25 Mar 2007; Christian Heim <phreak@gentoo.org>
494 +hardened-sources-2.6.20.ebuild:
495 Finally a hardened-sources version for 2.6.20; many people have been waiting
496 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
497 testbox.
498
499 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
500 hardened-sources-2.6.18-r6.ebuild:
501 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
502
503 *hardened-sources-2.6.18-r6 (16 Mar 2007)
504
505 16 Mar 2007; Christian Heim <phreak@gentoo.org>
506 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
507 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
508 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
509 supposed to be.
510
511 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
512 Fixing the Manifest, the previous one was broken (as in still had the
513 deleted ebuild in it).
514
515 06 Mar 2007; Christian Heim <phreak@gentoo.org>
516 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
517 +hardened-sources-2.6.18-r5.ebuild:
518 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
519 Linux 2.6.18.8. Also cleaning up the older version.
520
521 *hardened-sources-2.6.18-r5 (06 Mar 2007)
522
523 06 Mar 2007; Christian Heim <phreak@gentoo.org>
524 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
525 +hardened-sources-2.6.18-r5.ebuild:
526 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
527 Linux 2.6.18.8. Also cleaning up the older version.
528
529 24 Feb 2007; Christian Heim <phreak@gentoo.org>
530 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
531 -hardened-sources-2.6.19-r5.ebuild:
532 Removing some of the old version, that didn't work.
533
534 *hardened-sources-2.6.19-r6 (12 Feb 2007)
535
536 12 Feb 2007; Christian Heim <phreak@gentoo.org>
537 +hardened-sources-2.6.19-r6.ebuild:
538 Revision bump, including a new grsec version fixing #166235.
539
540 *hardened-sources-2.4.34 (24 Jan 2007)
541
542 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
543 Manifest:
544 updating Manifest with checksums of new tarball and ebuild
545
546 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
547 +hardened-sources-2.4.34.ebuild:
548 I added new hardened sources 2.4 update, this is a critical path
549 security bugfix - all users of h-s are strongly advised
550 to update their existing hardened sources to this version.
551 It contains a fix for a kernel vulnerability that is pertaining
552 to the PaX changes to virtual memory management, possibly leading
553 to a local kernel exploit ... see grsecurity.net forums and homepage
554
555 23 Jan 2007; Christian Heim <phreak@gentoo.org>
556 files/digest-hardened-sources-2.6.19-r5, Manifest:
557 Fixing the patch-tarball digest.
558
559 *hardened-sources-2.6.19-r5 (23 Jan 2007)
560
561 23 Jan 2007; Christian Heim <phreak@gentoo.org>
562 +hardened-sources-2.6.19-r5.ebuild:
563 Revision bump, closing the recently discovered PaX expand_stack()
564 vulnerability.
565
566 *hardened-sources-2.6.19-r4 (14 Jan 2007)
567
568 14 Jan 2007; Christian Heim <phreak@gentoo.org>
569 +hardened-sources-2.6.19-r4.ebuild:
570 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
571 dropping the randomized PID feature.
572
573 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
574 hardened-sources-2.4.33.4.ebuild:
575 stable x86, bug #161171
576
577 *hardened-sources-2.6.19-r3 (27 Dec 2006)
578
579 27 Dec 2006; Christian Heim <phreak@gentoo.org>
580 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
581 Revision bump for bug #157186 and #158786.
582
583 *hardened-sources-2.6.18-r4 (27 Dec 2006)
584
585 27 Dec 2006; Christian Heim <phreak@gentoo.org>
586 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
587 Revision bump for bug #157186.
588
589 *hardened-sources-2.6.19-r2 (23 Dec 2006)
590
591 23 Dec 2006; Christian Heim <phreak@gentoo.org>
592 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
593 Revision bump to pull in genpatches-2.6.19-3 for #157186.
594
595 17 Dec 2006; Christian Heim <phreak@gentoo.org>
596 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
597 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
598 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
599 hardened-sources-2.6.19-r1.ebuild:
600 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
601 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
602
603 *hardened-sources-2.4.33.4 (17 Dec 2006)
604
605 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
606 +hardened-sources-2.4.33.4.ebuild:
607 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
608 and quilting
609
610 *hardened-sources-2.6.19-r1 (14 Dec 2006)
611
612 14 Dec 2006; Christian Heim <phreak@gentoo.org>
613 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
614 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
615 for reporting).
616
617 *hardened-sources-2.6.19 (13 Dec 2006)
618
619 13 Dec 2006; Christian Heim <phreak@gentoo.org>
620 +hardened-sources-2.6.19.ebuild:
621 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
622 Brad for providing that prompt update.
623
624 *hardened-sources-2.6.18-r3 (13 Dec 2006)
625
626 13 Dec 2006; Christian Heim <phreak@gentoo.org>
627 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
628 +hardened-sources-2.6.18-r3.ebuild:
629 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
630 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
631
632 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
633 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
634
635 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
636 Stable on ppc wrt bug 157356
637
638 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
639 hardened-sources-2.6.18.ebuild:
640 stable x86, bug #157356
641
642 *hardened-sources-2.6.18-r2 (06 Dec 2006)
643
644 06 Dec 2006; Christian Heim <phreak@gentoo.org>
645 +hardened-sources-2.6.18-r2.ebuild:
646 Revision bump, including 2.6.18.5 (via genpatches) and
647 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
648 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
649 redesign.
650
651 06 Dec 2006; Christian Heim <phreak@gentoo.org>
652 hardened-sources-2.6.18.ebuild:
653 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
654 of Mike Doty).
655
656 *hardened-sources-2.6.18-r1 (23 Nov 2006)
657
658 23 Nov 2006; Christian Heim <phreak@gentoo.org>
659 +hardened-sources-2.6.18-r1.ebuild:
660 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
661
662 *hardened-sources-2.6.18 (11 Nov 2006)
663
664 11 Nov 2006; Christian Heim <phreak@gentoo.org>
665 +hardened-sources-2.6.18.ebuild:
666 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
667
668 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
669 - mark amd64 stable also. bug #151877
670
671 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
672 - mark 2.6.17-r1 stable
673
674 27 Aug 2006; Christian Heim <phreak@gentoo.org>
675 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
676 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
677
678 *hardened-sources-2.6.17-r1 (26 Aug 2006)
679
680 26 Aug 2006; Christian Heim <phreak@gentoo.org>
681 +hardened-sources-2.6.17-r1.ebuild:
682 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
683 grsecurity patch.
684
685 *hardened-sources-2.6.17 (17 Aug 2006)
686
687 17 Aug 2006; Christian Heim <phreak@gentoo.org>
688 +hardened-sources-2.6.17.ebuild:
689 Bumping the hardened-sources-2.6 series to 2.6.17, using
690 genpatches-2.6.17-6.base.
691
692 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
693 - stable on x86 and amd64
694
695 *hardened-sources-2.6.16-r11 (15 Jul 2006)
696
697 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
698 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
699 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
700 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
701 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
702 crusty ebuilds
703
704 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
705 hardened-sources-2.6.16-r10.ebuild:
706 marking stable on x86 and amd64
707
708 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
709 - 2.4.32-r6 stable on x86. RSBAC state unknown
710
711 *hardened-sources-2.4.32-r7 (10 Jul 2006)
712
713 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
714 +hardened-sources-2.4.32-r7.ebuild:
715 Bump PaX for RSBAC to test-17
716
717 *hardened-sources-2.6.16-r9 (03 Jul 2006)
718
719 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
720 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
721 hardened-sources-2.6.16 bump to latest -base.
722
723 *hardened-sources-2.4.32-r6 (30 Jun 2006)
724
725 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
726 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
727 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
728 sysctl controlable resource logging
729
730 *hardened-sources-2.6.16-r7 (05 Jun 2006)
731
732 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
733 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
734 push new 2.6.16 release in preparation for stable
735
736 22 May 2006; <solar@gentoo.org> :
737 - redigest bug 134002
738
739 *hardened-sources-2.4.32-r5 (16 May 2006)
740
741 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
742 +hardened-sources-2.4.32-r5.ebuild:
743 Fixes rsbac common patching (new patch in new -r5 patchset)
744
745 *hardened-sources-2.4.32-r4 (13 May 2006)
746
747 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
748 +hardened-sources-2.4.32-r4.ebuild:
749 - security bumps
750
751 *hardened-sources-2.6.16-r6 (03 May 2006)
752
753 03 May 2006; John Mylchreest <johnm@gentoo.org>
754 +hardened-sources-2.6.16-r6.ebuild:
755 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
756
757 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
758 hardened-sources-2.6.14-r8.ebuild:
759 fix x86_64 build problem, this will delay the digest issue again for a short
760 while but it will sort itself out
761
762 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
763 hardened-sources-2.6.14-r8.ebuild:
764 bump hardened patchset
765
766 27 Apr 2006; Alec Warner <antarus@gentoo.org>
767 files/digest-hardened-sources-2.4.32-r2,
768 files/digest-hardened-sources-2.4.32-r3,
769 files/digest-hardened-sources-2.6.14-r8, Manifest:
770 Fixing duff SHA256 digests: Bug # 131293
771
772 *hardened-sources-2.6.16-r5 (27 Apr 2006)
773
774 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
775 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
776 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
777 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
778 cleanup of old uneccessary sources
779
780 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
781 fix digest
782
783 *hardened-sources-2.6.14-r8 (20 Apr 2006)
784
785 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
786 +hardened-sources-2.6.14-r8.ebuild:
787 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
788
789 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
790 Turning on gpg-signing again, and recomitting
791
792 *hardened-sources-2.6.16-r4 (20 Apr 2006)
793
794 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
795 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
796 +hardened-sources-2.6.16-r4.ebuild:
797 Fix numerous security vulns
798
799 *hardened-sources-2.4.32-r3 (16 Apr 2006)
800
801 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
802 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
803 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
804 - security bump for bug #112791. Removed old ebuilds
805
806 *hardened-sources-2.6.16-r3 (15 Apr 2006)
807
808 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
809 +hardened-sources-2.6.16-r3.ebuild:
810 Removing silly localversion which I missed
811
812 *hardened-sources-2.6.14-r7 (14 Apr 2006)
813
814 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
815 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
816 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
817
818 *hardened-sources-2.6.16-r2 (13 Apr 2006)
819
820 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
821 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
822 +hardened-sources-2.6.16-r2.ebuild:
823 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
824 labels, dropping USERGROUP define fixes, since these were merged mainstream.
825
826 *hardened-sources-2.6.16-r1 (11 Apr 2006)
827
828 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
829 +hardened-sources-2.6.16-r1.ebuild:
830 Bumping to include ppc build fix and 2.6.16.3
831
832 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
833 hardened-sources-2.6.14-r6.ebuild:
834 Stable on x86; bug #127718
835
836 *hardened-sources-2.6.16 (31 Mar 2006)
837
838 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
839 +hardened-sources-2.6.16.ebuild:
840 Bumping to new version of grsec, and kernel base. New squashfs. Based on
841 2.6.16.1
842
843 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
844 hardened-sources-2.6.14-r6.ebuild:
845 Stable on amd64, bug 127718.
846
847 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
848 Stable on ppc. Bug #127718
849
850 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
851 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
852 -hardened-sources-2.6.14-r4.ebuild:
853 Cleanup.
854
855 *hardened-sources-2.6.14-r6 (15 Mar 2006)
856
857 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
858 +hardened-sources-2.6.14-r6.ebuild:
859 Fixes grsec policy recreation bug and adds a
860 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
861
862 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
863 - stable on x86
864
865 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
866 hardened-sources-2.6.14-r5.ebuild:
867 Stable on ppc.
868
869 *hardened-sources-2.6.14-r5 (01 Feb 2006)
870
871 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
872 +hardened-sources-2.6.14-r5.ebuild:
873 fixing every known exploit
874
875 *hardened-sources-2.4.32-r2 (26 Jan 2006)
876
877 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
878 +hardened-sources-2.4.32-r2.ebuild:
879 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
880
881 *hardened-sources-2.6.14-r4 (12 Jan 2006)
882
883 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
884 - version bump for new genpatches which fix up a few sec holes
885
886 *hardened-sources-2.4.32-r1 (05 Jan 2006)
887
888 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
889 - revision bump to add misc vital linux kernel security patches.
890
891 *hardened-sources-2.6.14-r3 (30 Dec 2005)
892
893 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
894 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
895 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
896
897 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
898 hardened-sources-2.6.14-r2.ebuild:
899 making x86 & amd64 stable following testing.
900
901 *hardened-sources-2.6.14-r2 (27 Dec 2005)
902
903 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
904 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
905 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
906 network hooks.
907
908 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
909 hardened-sources-2.6.14-r1.ebuild:
910 bumping to stable early for sec fix on x86 & amd64
911
912 *hardened-sources-2.6.14-r1 (05 Dec 2005)
913
914 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
915 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
916 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
917
918 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
919 - stable on x86 security bug #114227 CAN-2005-3257
920
921 *hardened-sources-2.4.32 (19 Nov 2005)
922
923 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
924 +hardened-sources-2.4.32.ebuild:
925 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
926 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
927 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
928 rsbac >> /etc/portage/package.use)
929
930 *hardened-sources-2.6.14 (14 Nov 2005)
931
932 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
933 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
934 Bumping 2.6 series to 2.6.14.2
935
936 *hardened-sources-2.6.13-r2 (20 Oct 2005)
937
938 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
939 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
940 +hardened-sources-2.6.13-r2.ebuild:
941 Fixes minor build error in ppc.
942
943 *hardened-sources-2.6.13-r1 (17 Oct 2005)
944
945 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
946 +hardened-sources-2.6.13-r1.ebuild:
947 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
948 2.6.13.4, fixes some major amd64 stability problems.
949
950 *hardened-sources-2.6.13 (16 Sep 2005)
951
952 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
953 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
954 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
955 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
956 users should test this thoroughly.
957
958 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
959 - stable on x86
960
961 *hardened-sources-2.6.11-r15 (27 Jun 2005)
962
963 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
964 +hardened-sources-2.6.11-r15.ebuild:
965 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
966 grsec redefining curr_ip struct.
967
968 *hardened-sources-2.4.31 (20 Jun 2005)
969
970 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
971 initial import of 2.4.31 tree
972
973 *hardened-sources-2.6.11-r14 (14 Jun 2005)
974
975 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
976 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
977 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
978 naming scheme to abide by genpatches
979
980 *hardened-sources-2.6.11-r13 (18 May 2005)
981
982 18 May 2005; John Mylchreest <johnm@gentoo.org>
983 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
984 Managed to mangle the Makefile patch from grsec, to miss out the grsec
985 target. sorry about that. Fixes bug #93022
986
987 *hardened-sources-2.6.11-r12 (17 May 2005)
988
989 17 May 2005; John Mylchreest <johnm@gentoo.org>
990 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
991 +hardened-sources-2.6.11-r12.ebuild:
992 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
993 merges in genpatches-base
994
995 *hardened-sources-2.6.11-r12 (17 May 2005)
996
997 17 May 2005; John Mylchreest <johnm@gentoo.org>
998 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
999 +hardened-sources-2.6.11-r12.ebuild:
1000 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1001 merges in genpatches-base
1002
1003 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1004 -files/2.4.27-cmdline-race.patch,
1005 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1006 -files/2.4.28-grsec-binfmt_a.out.patch,
1007 -files/2.4.28-grsec-cmdline-race.patch,
1008 -files/2.4.28-selinux-binfmt_a.out.patch,
1009 -files/2.4.28-selinux-cmdline-race.patch,
1010 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1011 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1012 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1013 cleanup..
1014
1015 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1016
1017 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1018 - disable aout by default
1019
1020 *hardened-sources-2.4.30 (18 Apr 2005)
1021
1022 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1023 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1024 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1025 use
1026
1027 *hardened-sources-2.4.29 (30 Mar 2005)
1028
1029 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1030 +hardened-sources-2.4.29.ebuild:
1031 New hardened-patches-2.4-29.0 patchball.
1032 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1033
1034 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1035
1036 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1037 +hardened-sources-2.4.28-r5.ebuild:
1038 Added a fix for a PaX vulnerability.
1039
1040 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1041 hardened-sources-2.4.28-r4.ebuild:
1042 Stable on x86
1043
1044 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1045 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1046 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1047 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1048 - fixed/added RDEPEND= in all kernel-2 ebuilds
1049
1050 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1051
1052 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1053 +hardened-sources-2.4.28-r4.ebuild:
1054 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1055 backport of neighbour hash updates.
1056
1057 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1058 hardened-sources-2.4.28-r3.ebuild:
1059 Stable on x86
1060
1061 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1062
1063 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1064 +hardened-sources-2.6.10-r3.ebuild:
1065 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1066 in 2005.0
1067
1068 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1069 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1070 hardened-sources-2.4.28-r2.ebuild:
1071 Mark stable on x86
1072
1073 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1074
1075 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1076 +hardened-sources-2.4.28-r3.ebuild:
1077 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1078
1079 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1080 hardened-sources-2.4.28.ebuild:
1081 Mark stable on x86.
1082
1083 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1084
1085 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1086 +hardened-sources-2.4.28-r2.ebuild:
1087 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1088 Mazinger for grsecurity patches as well.
1089
1090 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1091
1092 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1093 Security bump. Thank tocharian for rolling a new patchset...
1094
1095 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1096 +files/2.4.28-grsec-cmdline-race.patch,
1097 +files/2.4.28-selinux-binfmt_a.out.patch,
1098 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1099 - Round up remaining security patches that appear to be missing in 2.4.28. -
1100 PaX standalone updated to current. hgpv=28.1
1101
1102 *hardened-sources-2.4.28 (28 Nov 2004)
1103
1104 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1105 security bump. Thank tocharian for rolling a new patchset
1106
1107 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1108
1109 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1110 +hardened-sources-2.4.27-r3.ebuild:
1111 Applies the new 2.4-27.2 patchball which updates
1112 GRSecurity to the 2.0.1 version.
1113
1114 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1115
1116 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1117 +hardened-sources-2.4.27-r2.ebuild:
1118 Version bump.
1119 This version uses the new 2.4-27.1 patchball which updates
1120 both the SELinux PaX hooks patch and the SELinux headers.
1121
1122 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1123
1124 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1125 +hardened-sources-2.4.27-r1.ebuild,
1126 -hardened-sources-2.4.27.ebuild,
1127 +files/2.4.27-cmdline-race.patch:
1128 Version bump, fix for cmdline race. See bug #59905.
1129
1130 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1131
1132 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1133 +hardened-sources-2.4.26-r6.ebuild,
1134 -hardened-sources-2.4.26-r5.ebuild,
1135 -hardened-sources-2.4.26-r4.ebuild,
1136 +files/2.4.26-cmdline-race.patch:
1137 Version bump, fix for cmdline race. See bug #59905.
1138
1139 *hardened-sources-2.4.27 (08 Aug 2004)
1140
1141 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1142 +hardened-sources-2.4.27.ebuild,
1143 +files/2.4.27-CAN-2004-0394.patch:
1144 Ported the patchball to the 2.4.27 kernel version.
1145
1146 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1147
1148 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1149 +hardened-sources-2.4.26-r5.ebuild:
1150 Updated to use the new hardened-patches-2.4-26.1 patchball.
1151 It adds the following features:
1152 - Squashfs
1153 - Ebtables
1154 - Netdev random (core+drivers)
1155 - Watchdog Timer (WDT) fix.
1156
1157 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1158
1159 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1160 +hardened-sources-2.4.26-r4.ebuild,
1161 +files/2.4.26-CAN-2004-0415.patch,
1162 -hardened-sources-2.4.26-3:
1163 Version bump, fix for CAN 0415, see bug #59378.
1164
1165 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1166
1167 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1168 +hardened-sources-2.4.26-r3.ebuild,
1169 +files/2.4.26-CAN-2004-0497.patch,
1170 -hardened-sources-2.4.26-r2.ebuild:
1171 Version bump, fixed CAN 0497, see bug #56171.
1172
1173 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1174
1175 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1176 +hardened-sources-2.4.26-r2.ebuild,
1177 +files/2.4.26-CAN-2004-0495.patch,
1178 +files/2.4.26-CAN-2004-0535.patch,
1179 -hardened-sources-2.4.26-r1.ebuild:
1180 Fixes for both CAN 0495 and 0535, see bug #54976
1181
1182 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1183 hardened-sources-2.4.26-r1.ebuild:
1184 QA - fix use invocation
1185
1186 *hardened-sources-2.4.26-r1 (22 June 2004)
1187
1188 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1189 +hardened-sources-2.4.26-r1.ebuild,
1190 +files/2.4.26-CAN-2004-0394.patch,
1191 +files/2.4.26-signal-race.patch,
1192 -hardened-sources-2.4.26.ebuild,
1193 -hardened-sources-2.4.24-r3.ebuild:
1194 Version bump for the CAN-2004-0394 issue and bug #53804
1195 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1196
1197
1198 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1199 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1200 Masked hardened-sources-2.4.26.ebuild broken for ppc
1201
1202 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1203 hardened-sources-2.4.24-r3.ebuild:
1204 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1205
1206 *hardened-sources-2.4.26 (29 May 2004)
1207
1208 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1209 +hardened-sources-2.4.26.ebuild:
1210 Updated hardened-sources for the 2.4.26 kernel
1211 Removed broken components, updated almost everything.
1212
1213 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1214
1215 17 Apr 2004; <plasmaroo@gentoo.org>
1216 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1217 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1218 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1219 +hardened-sources-2.4.24-r3.ebuild:
1220 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1221 vulnerabilities. Old revisions removed.
1222
1223 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1224
1225 15 Apr 2004; <plasmaroo@gentoo.org>
1226 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1227 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1228 Version bump for the CAN-2004-0109 issue; bug #47881.
1229
1230 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1231 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1232 Add eutils to inherit.
1233
1234 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1235
1236 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1237 files/hardened-sources-2.4.24.munmap.patch:
1238 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1239
1240 *hardened-sources-2.4.24 (06 Feb 2004)
1241
1242 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1243 hardened-sources-2.4.24.ebuild:
1244 Version bump, updated most of the components.
1245 This release includes the following:
1246
1247 - Hardened security
1248 - Netfilter patch-o-matic 20031219
1249 - FreeSWAN 2.04 & x509 1.4.8
1250 - EVMS 2.2.2
1251 - XFS 1.3.1
1252 - cryptoloop jari
1253 - grsecurity 2.0-rc4
1254 - SELinux
1255 - PaX 200402060000
1256 - PaX Obscurity 200308302223
1257 - Others...
1258
1259 Neither -ck nor systrace are included anymore.
1260
1261 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1262
1263 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1264 hardened-sources-2.4.22-r2.ebuild:
1265 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1266
1267 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1268
1269 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1270 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1271
1272 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1273 hardened-sources-2.4.22-r1.ebuild:
1274 Version bump for the 'do_brk' vulnerability.
1275
1276 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1277 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1278 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1279 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1280 Fix the 'do_brk' vulnerability.
1281
1282 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1283 hardened-sources-2.4.22.ebuild:
1284 - Removed the src_install() portion for SELinux flask
1285 components. These are no longer handled in the kernel
1286 so this code was not necessary.
1287
1288 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1289 New 2.4.22 based hardened-sources thanks to
1290 Phil West <p.west@computer.org>.
1291
1292 These sources include:
1293 - New SELinux API
1294 - Updated CK-base
1295 - Updated GRSec
1296 - Systrace
1297 - SuperFreeS/WAN 1.99.8
1298 - Propolice kernel build support
1299 - EVMS
1300 - Other various security related patches
1301
1302 *hardened-sources-2.4.21 (14 Sep 2003)
1303
1304 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1305 Updated hardened-sources based on the 2.4.21 Linux kernel.
1306 This includes updates to most major components such as:
1307 - ck-base-0306300059
1308 - selinux-2.4-2003071106
1309 - grsecurity-2.0-rc1
1310 - Updated IPTables patch-o-matic
1311 - Updated SuperFreeS/WAN
1312
1313 Thanks to Phil West <pwest@computer.org> for his work in getting this
1314 updated patch set ready for the 2.4.21 based kernel.
1315
1316 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1317 Initial import of hardened-sources-2.4.20-r4. This revision
1318 includes only a few changes, but one of these is an important
1319 security fix. It is recommended all users of hardened-sources
1320 upgrade to this release.
1321
1322 - ioperm bug fix
1323 - fixed compilation failure when building without GRSec
1324
1325 SAL (Secure Auditing for Linux) is NOT included in this revision
1326 due to time constraints, but is planned for inclusion in the near
1327 future.
1328
1329 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1330
1331 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1332 hardened-sources-2.4.20-r3.ebuild:
1333 Add Header...
1334
1335 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1336 hardened-sources-2.4.20-r3.ebuild:
1337 Removed warnings from ebuild. This kernel should be safe to
1338 use at this point.
1339
1340 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1341
1342 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1343 hardened-sources-2.4.20-r3.ebuild:
1344 New revision. Includes the following changes over -r2:
1345
1346 - ck7-base (O(1), preempt, low latency)
1347 - Super FreeS/WAN 1.99.7rc2
1348 - PaX for the LSM/SELinux branch
1349 - GRSecurity 2.0-pre4 (role based access control)
1350 - Systrace 1.3
1351 - EXT3 fixes
1352 - EVMS 2.0.1
1353 - GCC 3.1+ compile optimizations
1354 - ProPolice kernel build support
1355 - Hashing table security fixes
1356
1357 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1358
1359 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1360 Initial import of hardened-sources-r2. This new
1361 ebuild includes many new performance and security
1362 related patches. As in -r1, it will patch in
1363 LSM/SELinux if "selinux" is in USE, otherwise it
1364 will patch in GRSecurity. The following patches
1365 are included in this revision:
1366
1367 - O(1) Scheduler, Low Latency, and Preempt
1368 (pulled from the base CK patch)
1369 - ptrace exploit patch for the LSM kernel
1370 (the GRSec patch already fixes this)
1371 - LSM 2.4-2003040709
1372 - SELinux 2.4-2003040709
1373 - Systrace v1.2
1374 - IPTables patch-o-matic base patches - 20030107
1375 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1376 - Super FreeS/WAN 1.99.6.1
1377 - GRSecurity 1.9.9g
1378 - MPPE
1379 - EXT3 data journal fix
1380 - CIPE 1.5.4
1381
1382 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1383 hardened-sources-2.4.20-r1.ebuild, manifest:
1384 Updated to install flask components correctly for selinux.
1385
1386 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1387 hardened-sources-2.4.20-r1.ebuild:
1388 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1389 is patched in instead. Ptrace patches for selinux have also been added. In
1390 either case, systrace support will be patched in as well.
1391
1392 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1393 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1394 Revision bump for new sources.
1395
1396 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1397 hardened-sources-2.4.20-r1.ebuild:
1398 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1399
1400 *hardened-sources-2.4.20 (30 Mar 2003)
1401
1402 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1403 hardened-sources-2.4.20.ebuild:
1404 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20