/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.242 - (show annotations) (download)
Wed Sep 17 02:02:13 2008 UTC (5 years, 11 months ago) by gengor
Branch: MAIN
Changes since 1.241: +5 -1 lines
Stable 2.6.25-r7 on amd64/x86.
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.241 2008/09/13 20:09:11 gengor Exp $
4
5 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
6 hardened-sources-2.6.25-r7.ebuild:
7 Stable amd64/x86.
8
9 *hardened-sources-2.6.26-r2 (13 Sep 2008)
10
11 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
12 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
13 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
14 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
15
16 *hardened-sources-2.6.25-r7 (13 Sep 2008)
17
18 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
19 +hardened-sources-2.6.25-r7.ebuild:
20 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
21
22 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
23 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
24 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
25 hardened-sources-2.6.26-r1.ebuild:
26 Update DESCRIPTION and HGPV_URI.
27
28 *hardened-sources-2.6.25-r6 (09 Sep 2008)
29
30 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
31 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
32 2.6.25-r6: Update to Linux 2.6.25.17.
33 2.6.24-r3: Removed.
34
35 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
36 hardened-sources-2.6.25-r5.ebuild:
37 Stable on amd64/x86
38
39 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
40 Update my email address.
41
42 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
43 stable on ppc
44
45 *hardened-sources-2.6.26-r1 (23 Aug 2008)
46 *hardened-sources-2.6.25-r5 (23 Aug 2008)
47
48 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
49 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
50 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
51 +hardened-sources-2.6.26-r1.ebuild:
52 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
53 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
54 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
55 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
56 (gengor).
57
58 *hardened-sources-2.6.26 (18 Aug 2008)
59 *hardened-sources-2.6.25-r4 (18 Aug 2008)
60
61 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
62 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
63 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
64 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
65 2.6.25-r2: Removed.
66
67 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
68 Remove phreak from metadata.xml (#96398)
69
70 *hardened-sources-2.6.25-r3 (31 Jul 2008)
71
72 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
73 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
74 +hardened-sources-2.6.25-r3.ebuild:
75 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
76 fixes, including security bug #231750.
77
78 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
79 Stable on ppc
80
81 *hardened-sources-2.6.25-r2 (05 Jul 2008)
82
83 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
84 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
85 +hardened-sources-2.6.25-r2.ebuild:
86 2.6.23-r4: Stable x86/amd64
87 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
88 2.6.23-r{11,12}: Removed due to multiple vulns.
89 (gengor & kerframil)
90
91 04 Jul 2008; nixnut <nixnut@gentoo.org>
92 hardened-sources-2.6.23-r13.ebuild:
93 Stable on ppc
94
95 *hardened-sources-2.6.25-r1 (30 Jun 2008)
96
97 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
98 +hardened-sources-2.6.25-r1.ebuild:
99 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
100 grsecurity release. 2.6.23-r13: x86/amd64 stable
101
102 *hardened-sources-2.6.25 (17 Jun 2008)
103 *hardened-sources-2.6.24-r3 (17 Jun 2008)
104 *hardened-sources-2.6.23-r13 (17 Jun 2008)
105
106 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
107 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
108 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
109 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
110 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
111 2.6.25: Initial 2.6.25 release.
112
113 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
114 - fasttrack to stable x86/amd64
115
116 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
117 Fix broken digest for linux-2.6.24.tar.bz2.
118
119 *hardened-sources-2.6.24-r2 (11 May 2008)
120 *hardened-sources-2.6.23-r12 (11 May 2008)
121
122 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
123 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
124 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
125 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
126 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
127 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
128 security bugs 219901, 220691, 220975, 220979, 221123. New
129 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
130 should be removed as far as I'm concerned, everything else remove due to
131 vulnerable to numerous security bugs or brokeness.
132
133 10 May 2008; nixnut <nixnut@gentoo.org>
134 hardened-sources-2.6.23-r11.ebuild:
135 Stable on ppc
136
137 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
138 - -r11 stable on x86/amd64
139
140 *hardened-sources-2.6.23-r11 (01 May 2008)
141
142 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
143 - version bump to fix ulgy linux bugs
144
145 *hardened-sources-2.6.24-r1 (30 Apr 2008)
146
147 30 Apr 2008; Christian Heim <phreak@gentoo.org>
148 +hardened-sources-2.6.24-r1.ebuild:
149 Revision bump (thanks to Kerin and Gordon, again), pulling
150 genpatches-2.6.24-7, solving #219089. Additionally contains further security
151 fixes plus some minor updates.
152
153 *hardened-sources-2.6.23-r10 (30 Apr 2008)
154
155 30 Apr 2008; Christian Heim <phreak@gentoo.org>
156 +hardened-sources-2.6.23-r10.ebuild:
157 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
158 Additional contains "various other fixes".
159
160 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
161 Update the longdescription in metadata, thanks to Gordon Malm.
162
163 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
164 Stable on ppc wrt bug #213255
165
166 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
167 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
168 - stable on x86/amd64 per request. Removed obsolete ebuilds
169
170 *hardened-sources-2.6.24 (07 Apr 2008)
171
172 07 Apr 2008; Christian Heim <phreak@gentoo.org>
173 +hardened-sources-2.6.24.ebuild:
174 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
175 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
176 for the many contributions and their continued effort in #216612) based on
177 2.6.24 and genpatches-2.6.24-5.
178
179 The current ebuild/patchset contains these things:
180 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
181 * Introduces bespoke server and workstation oriented security levels
182 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
183
184 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
185 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
186 maintaining it).
187
188 24 Mar 2008; Christian Heim <phreak@gentoo.org>
189 hardened-sources-2.4.35-r2.ebuild:
190 Fixing SRC_URI for 2.4.35-r2.
191
192 *hardened-sources-2.6.23-r9 (22 Mar 2008)
193
194 22 Mar 2008; Christian Heim <phreak@gentoo.org>
195 +hardened-sources-2.6.23-r9.ebuild:
196 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
197 * Change the default GIDs for some grsecurity options
198 * Revamp the Hardened [Gentoo] security level and make it the default level
199 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
200 * Fix a recursive lock -- call to capable() within ptrace_attach()
201 * Fix bug that allows audit and iscsi operations to be controlled via netlink
202
203 *hardened-sources-2.6.23-r8 (27 Feb 2008)
204
205 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
206 - version bump from Kerin Millar bug 210026
207
208 17 Feb 2008; <solar@gentoo.org> metadata.xml,
209 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
210 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
211 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
212 - stable on x86 and remove old ebuilds
213
214 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
215 - stable on amd64 per request of amd64 lead
216
217 *hardened-sources-2.6.23-r7 (11 Feb 2008)
218
219 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
220 - version bump from kerin.millar
221 Changes:
222
223 * Bump to genpatches-base-2.6.23-9
224 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
225 * Disables COMPAT_VDSO in x86/defconfig
226 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
227
228 25 Jan 2008; Christian Heim <phreak@gentoo.org>
229 -hardened-sources-2.6.22-r8.ebuild:
230 Cleaning up old versions.
231
232 *hardened-sources-2.6.23-r6 (25 Jan 2008)
233
234 25 Jan 2008; Christian Heim <phreak@gentoo.org>
235 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
236 Revision bump, pulling in the latest genpatches.
237
238 *hardened-sources-2.6.23-r5 (24 Dec 2007)
239
240 24 Dec 2007; Christian Heim <phreak@gentoo.org>
241 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
242 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
243 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
244 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
245
246 24 Dec 2007; Christian Heim <phreak@gentoo.org>
247 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
248 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
249 -hardened-sources-2.6.23-r3.ebuild:
250 Cleaning out some unused, old versions.
251
252 24 Dec 2007; Christian Heim <phreak@gentoo.org>
253 hardened-sources-2.6.23-r4.ebuild:
254 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
255 in the tree for long, but there isn't much of a difference between this and
256 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
257
258 *hardened-sources-2.6.23-r4 (23 Dec 2007)
259
260 23 Dec 2007; Christian Heim <phreak@gentoo.org>
261 +hardened-sources-2.6.23-r4.ebuild:
262 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
263
264 *hardened-sources-2.6.23-r3 (04 Dec 2007)
265
266 04 Dec 2007; Christian Heim <phreak@gentoo.org>
267 +hardened-sources-2.6.23-r3.ebuild:
268 Revision bump, pulling in 2.6.23.9.
269
270 *hardened-sources-2.6.23-r2 (25 Nov 2007)
271
272 25 Nov 2007; Christian Heim <phreak@gentoo.org>
273 +hardened-sources-2.6.23-r2.ebuild:
274 Updated patchset, thanks to solar.
275
276 *hardened-sources-2.6.23-r1 (31 Oct 2007)
277
278 31 Oct 2007; Christian Heim <phreak@gentoo.org>
279 +hardened-sources-2.6.23-r1.ebuild:
280 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
281
282 29 Oct 2007; <solar@gentoo.org> metadata.xml:
283 - update metadata.xml
284
285 25 Oct 2007; Christian Heim <phreak@gentoo.org>
286 hardened-sources-2.6.22-r8.ebuild:
287 Marking 2.6.22-r8 stable on amd64 and x86.
288
289 21 Oct 2007; Christian Heim <phreak@gentoo.org>
290 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
291 -hardened-sources-2.6.21-r4.ebuild:
292 Removing old ebuilds.
293
294 *hardened-sources-2.4.35-r2 (21 Oct 2007)
295
296 21 Oct 2007; Christian Heim <phreak@gentoo.org>
297 +hardened-sources-2.4.35-r2.ebuild:
298 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
299 patches.
300
301 *hardened-sources-2.6.22-r8 (21 Oct 2007)
302
303 21 Oct 2007; Christian Heim <phreak@gentoo.org>
304 +hardened-sources-2.6.22-r8.ebuild:
305 Yet another new patch, hopefully fixing the remaining issues we had w/
306 2.6.22. Candidate for stabling.
307
308 *hardened-sources-2.6.23 (13 Oct 2007)
309
310 13 Oct 2007; Christian Heim <phreak@gentoo.org>
311 +hardened-sources-2.6.23.ebuild:
312 Initial hardened-sources-2.6.23. If people still have problems w/ bug
313 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
314
315 11 Oct 2007; Christian Heim <phreak@gentoo.org>
316 hardened-sources-2.6.20-r10.ebuild:
317 Pulling in yet another new genpatches version, fixing the PWC bug for real.
318
319 04 Oct 2007; Christian Heim <phreak@gentoo.org>
320 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
321 Removing old versions.
322
323 *hardened-sources-2.6.22-r7 (01 Oct 2007)
324
325 01 Oct 2007; Christian Heim <phreak@gentoo.org>
326 +hardened-sources-2.6.22-r7.ebuild:
327 Revision bump, pulling in a newer patch. Should fix #194276.
328
329 30 Sep 2007; Christian Heim <phreak@gentoo.org>
330 hardened-sources-2.6.20-r10.ebuild:
331 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
332 Mike Doty).
333
334 *hardened-sources-2.6.22-r6 (26 Sep 2007)
335
336 26 Sep 2007; Christian Heim <phreak@gentoo.org>
337 +hardened-sources-2.6.22-r6.ebuild:
338 Revision bump, grabbing up till Linux 2.6.22.9.
339
340 24 Sep 2007; Christian Heim <phreak@gentoo.org>
341 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
342 Cleaning up further.
343
344 *hardened-sources-2.6.20-r10 (24 Sep 2007)
345
346 24 Sep 2007; Christian Heim <phreak@gentoo.org>
347 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
348 +hardened-sources-2.6.20-r10.ebuild:
349 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
350 revisions.
351
352 *hardened-sources-2.6.22-r5 (22 Sep 2007)
353
354 22 Sep 2007; Christian Heim <phreak@gentoo.org>
355 +hardened-sources-2.6.22-r5.ebuild:
356 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
357
358 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
359 Removing johnm from metadata.xml (see #186467 for reference).
360
361 *hardened-sources-2.6.22-r4 (17 Sep 2007)
362
363 17 Sep 2007; Christian Heim <phreak@gentoo.org>
364 +hardened-sources-2.6.22-r4.ebuild:
365 Revision bump, hopefully fixing all those weird PAX failures.
366
367 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
368 Updating the metadata.xml.
369
370 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
371 Removing tocharian from metadata due to his retirement (see #71718 for
372 reference).
373
374 *hardened-sources-2.6.20-r9 (30 Aug 2007)
375
376 30 Aug 2007; Christian Heim <phreak@gentoo.org>
377 +hardened-sources-2.6.20-r9.ebuild:
378 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
379
380 29 Aug 2007; Christian Heim <phreak@gentoo.org>
381 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
382 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
383 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
384 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
385 -hardened-sources-2.6.22-r2.ebuild:
386 Removing some redundant versions.
387
388 *hardened-sources-2.4.35-r1 (29 Aug 2007)
389
390 29 Aug 2007; Christian Heim <phreak@gentoo.org>
391 +hardened-sources-2.4.35-r1.ebuild:
392 Revision bump, new grsecurity patch.
393
394 *hardened-sources-2.6.20-r8 (26 Aug 2007)
395
396 26 Aug 2007; Christian Heim <phreak@gentoo.org>
397 +hardened-sources-2.6.20-r8.ebuild:
398 Revision bump for Linux 2.6.20.17.
399
400 *hardened-sources-2.6.22-r3 (22 Aug 2007)
401
402 22 Aug 2007; Christian Heim <phreak@gentoo.org>
403 +hardened-sources-2.6.22-r3.ebuild:
404 Revision bump for Linux 2.6.22.4.
405
406 16 Aug 2007; Christian Heim <phreak@gentoo.org>
407 hardened-sources-2.6.22-r2.ebuild:
408 Updated patchset, to fix the alignment against 2.6.22.3.
409
410 *hardened-sources-2.6.22-r2 (16 Aug 2007)
411
412 16 Aug 2007; Christian Heim <phreak@gentoo.org>
413 +hardened-sources-2.6.22-r2.ebuild:
414 Revision bump for Linux 2.6.22.3.
415
416 *hardened-sources-2.4.35 (16 Aug 2007)
417
418 16 Aug 2007; Christian Heim <phreak@gentoo.org>
419 +hardened-sources-2.4.35.ebuild:
420 Version bump, initial version for Linux 2.4.35.
421
422 *hardened-sources-2.6.21-r4 (16 Aug 2007)
423
424 16 Aug 2007; Christian Heim <phreak@gentoo.org>
425 +hardened-sources-2.6.21-r4.ebuild:
426 Revision bump for Linux 2.6.21.6.
427
428 *hardened-sources-2.6.20-r7 (16 Aug 2007)
429
430 16 Aug 2007; Christian Heim <phreak@gentoo.org>
431 +hardened-sources-2.6.20-r7.ebuild:
432 Revision bump for Linux 2.6.20.16.
433
434 *hardened-sources-2.6.22-r1 (13 Aug 2007)
435
436 13 Aug 2007; Christian Heim <phreak@gentoo.org>
437 +hardened-sources-2.6.22-r1.ebuild:
438 Yet another revision bump.
439
440 *hardened-sources-2.6.22 (10 Aug 2007)
441
442 10 Aug 2007; Christian Heim <phreak@gentoo.org>
443 +hardened-sources-2.6.22.ebuild:
444 Initial release for 2.6.22. If you are using hardened-sources on a desktop
445 machine (P4 or newer), be aware you might need to disable
446 CONFIG_PAX_PAGEEXEC.
447
448 04 Aug 2007; Christian Heim <phreak@gentoo.org>
449 hardened-sources-2.6.20-r6.ebuild:
450 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
451 2.6.20.15.
452
453 10 Jul 2007; Christian Heim <phreak@gentoo.org>
454 hardened-sources-2.6.20-r5.ebuild:
455 Marking hardened-sources-2.6.20-r5 stable on ppc.
456
457 10 Jul 2007; Christian Heim <phreak@gentoo.org>
458 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
459 Cleanup.
460
461 *hardened-sources-2.6.20-r6 (08 Jul 2007)
462
463 08 Jul 2007; Christian Heim <phreak@gentoo.org>
464 +hardened-sources-2.6.20-r6.ebuild:
465 Revision bump, grabbing yet another stable release.
466
467 17 Jun 2007; Christian Heim <phreak@gentoo.org>
468 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
469 -hardened-sources-2.6.21-r2.ebuild:
470 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
471 alpha stable KEYWORD by mistake.
472
473 17 Jun 2007; Christian Heim <phreak@gentoo.org>
474 hardened-sources-2.6.20-r5.ebuild:
475 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
476 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
477
478 *hardened-sources-2.6.21-r3 (12 Jun 2007)
479
480 12 Jun 2007; Christian Heim <phreak@gentoo.org>
481 +hardened-sources-2.6.21-r3.ebuild:
482 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
483 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
484 love.
485
486 *hardened-sources-2.6.20-r5 (11 Jun 2007)
487
488 11 Jun 2007; Christian Heim <phreak@gentoo.org>
489 +hardened-sources-2.6.20-r5.ebuild:
490 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
491 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
492 love.
493
494 *hardened-sources-2.4.34.5 (11 Jun 2007)
495
496 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
497 +hardened-sources-2.4.34.5.ebuild:
498 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
499
500 30 May 2007; Christian Heim <phreak@gentoo.org>
501 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
502 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
503 stale ebuild(s).
504
505 30 May 2007; Christian Heim <phreak@gentoo.org>
506 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
507 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
508 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
509 Doing some cleanups, remove stale ebuilds.
510
511 26 May 2007; Christian Heim <phreak@gentoo.org>
512 hardened-sources-2.6.21-r2.ebuild:
513 Fixing the grsecurity patch, had one '};' too much.
514
515 *hardened-sources-2.6.21-r2 (26 May 2007)
516
517 26 May 2007; Christian Heim <phreak@gentoo.org>
518 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
519 +hardened-sources-2.6.21-r2.ebuild:
520 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
521 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
522
523 *hardened-sources-2.6.20-r4 (26 May 2007)
524
525 26 May 2007; Christian Heim <phreak@gentoo.org>
526 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
527 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
528 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
529
530 15 May 2007; Christian Heim <phreak@gentoo.org>
531 hardened-sources-2.6.20-r3.ebuild:
532 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
533 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
534 grsecurity patch fail in that exact same hunk.
535
536 *hardened-sources-2.6.20-r3 (15 May 2007)
537
538 15 May 2007; Christian Heim <phreak@gentoo.org>
539 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
540 Revision bump, incorporating Linux 2.6.20.11.
541
542 *hardened-sources-2.6.21-r1 (11 May 2007)
543
544 11 May 2007; Christian Heim <phreak@gentoo.org>
545 +hardened-sources-2.6.21-r1.ebuild:
546 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
547 mentioned in #177234.
548
549 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
550 files/digest-hardened-sources-2.6.21, Manifest:
551 Fix Manifest/digest for linux-2.6.21.tar.bz2
552
553 06 May 2007; Christian Heim <phreak@gentoo.org>
554 hardened-sources-2.6.21.ebuild:
555 Bumping the hardened-patches version, needed for the fix for #177234.
556
557 *hardened-sources-2.6.21 (02 May 2007)
558
559 02 May 2007; Christian Heim <phreak@gentoo.org>
560 +hardened-sources-2.6.21.ebuild:
561 Version bump, Linux 2.6.21-hardened.
562
563 29 Apr 2007; Christian Heim <phreak@gentoo.org>
564 hardened-sources-2.6.20-r2.ebuild:
565 Adding ~ia64 on Ned's request.
566
567 29 Apr 2007; Christian Heim <phreak@gentoo.org>
568 hardened-sources-2.6.20-r2.ebuild:
569 Fixing the included grsecurity patch, wasn't alligning due to the Index:
570 header line(s).
571
572 29 Apr 2007; Christian Heim <phreak@gentoo.org>
573 hardened-sources-2.6.20-r2.ebuild:
574 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
575
576 *hardened-sources-2.6.20-r2 (10 Apr 2007)
577
578 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
579 +hardened-sources-2.6.20-r2.ebuild:
580 Version bump, on behalf of phreak
581
582 *hardened-sources-2.6.20-r1 (04 Apr 2007)
583
584 04 Apr 2007; Christian Heim <phreak@gentoo.org>
585 +hardened-sources-2.6.20-r1.ebuild:
586 Revision bump, grabbing a newer grsecurity snapshot.
587
588 *hardened-sources-2.6.20 (25 Mar 2007)
589
590 25 Mar 2007; Christian Heim <phreak@gentoo.org>
591 +hardened-sources-2.6.20.ebuild:
592 Finally a hardened-sources version for 2.6.20; many people have been waiting
593 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
594 testbox.
595
596 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
597 hardened-sources-2.6.18-r6.ebuild:
598 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
599
600 *hardened-sources-2.6.18-r6 (16 Mar 2007)
601
602 16 Mar 2007; Christian Heim <phreak@gentoo.org>
603 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
604 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
605 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
606 supposed to be.
607
608 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
609 Fixing the Manifest, the previous one was broken (as in still had the
610 deleted ebuild in it).
611
612 06 Mar 2007; Christian Heim <phreak@gentoo.org>
613 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
614 +hardened-sources-2.6.18-r5.ebuild:
615 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
616 Linux 2.6.18.8. Also cleaning up the older version.
617
618 *hardened-sources-2.6.18-r5 (06 Mar 2007)
619
620 06 Mar 2007; Christian Heim <phreak@gentoo.org>
621 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
622 +hardened-sources-2.6.18-r5.ebuild:
623 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
624 Linux 2.6.18.8. Also cleaning up the older version.
625
626 24 Feb 2007; Christian Heim <phreak@gentoo.org>
627 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
628 -hardened-sources-2.6.19-r5.ebuild:
629 Removing some of the old version, that didn't work.
630
631 *hardened-sources-2.6.19-r6 (12 Feb 2007)
632
633 12 Feb 2007; Christian Heim <phreak@gentoo.org>
634 +hardened-sources-2.6.19-r6.ebuild:
635 Revision bump, including a new grsec version fixing #166235.
636
637 *hardened-sources-2.4.34 (24 Jan 2007)
638
639 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
640 Manifest:
641 updating Manifest with checksums of new tarball and ebuild
642
643 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
644 +hardened-sources-2.4.34.ebuild:
645 I added new hardened sources 2.4 update, this is a critical path
646 security bugfix - all users of h-s are strongly advised
647 to update their existing hardened sources to this version.
648 It contains a fix for a kernel vulnerability that is pertaining
649 to the PaX changes to virtual memory management, possibly leading
650 to a local kernel exploit ... see grsecurity.net forums and homepage
651
652 23 Jan 2007; Christian Heim <phreak@gentoo.org>
653 files/digest-hardened-sources-2.6.19-r5, Manifest:
654 Fixing the patch-tarball digest.
655
656 *hardened-sources-2.6.19-r5 (23 Jan 2007)
657
658 23 Jan 2007; Christian Heim <phreak@gentoo.org>
659 +hardened-sources-2.6.19-r5.ebuild:
660 Revision bump, closing the recently discovered PaX expand_stack()
661 vulnerability.
662
663 *hardened-sources-2.6.19-r4 (14 Jan 2007)
664
665 14 Jan 2007; Christian Heim <phreak@gentoo.org>
666 +hardened-sources-2.6.19-r4.ebuild:
667 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
668 dropping the randomized PID feature.
669
670 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
671 hardened-sources-2.4.33.4.ebuild:
672 stable x86, bug #161171
673
674 *hardened-sources-2.6.19-r3 (27 Dec 2006)
675
676 27 Dec 2006; Christian Heim <phreak@gentoo.org>
677 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
678 Revision bump for bug #157186 and #158786.
679
680 *hardened-sources-2.6.18-r4 (27 Dec 2006)
681
682 27 Dec 2006; Christian Heim <phreak@gentoo.org>
683 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
684 Revision bump for bug #157186.
685
686 *hardened-sources-2.6.19-r2 (23 Dec 2006)
687
688 23 Dec 2006; Christian Heim <phreak@gentoo.org>
689 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
690 Revision bump to pull in genpatches-2.6.19-3 for #157186.
691
692 17 Dec 2006; Christian Heim <phreak@gentoo.org>
693 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
694 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
695 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
696 hardened-sources-2.6.19-r1.ebuild:
697 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
698 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
699
700 *hardened-sources-2.4.33.4 (17 Dec 2006)
701
702 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
703 +hardened-sources-2.4.33.4.ebuild:
704 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
705 and quilting
706
707 *hardened-sources-2.6.19-r1 (14 Dec 2006)
708
709 14 Dec 2006; Christian Heim <phreak@gentoo.org>
710 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
711 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
712 for reporting).
713
714 *hardened-sources-2.6.19 (13 Dec 2006)
715
716 13 Dec 2006; Christian Heim <phreak@gentoo.org>
717 +hardened-sources-2.6.19.ebuild:
718 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
719 Brad for providing that prompt update.
720
721 *hardened-sources-2.6.18-r3 (13 Dec 2006)
722
723 13 Dec 2006; Christian Heim <phreak@gentoo.org>
724 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
725 +hardened-sources-2.6.18-r3.ebuild:
726 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
727 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
728
729 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
730 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
731
732 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
733 Stable on ppc wrt bug 157356
734
735 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
736 hardened-sources-2.6.18.ebuild:
737 stable x86, bug #157356
738
739 *hardened-sources-2.6.18-r2 (06 Dec 2006)
740
741 06 Dec 2006; Christian Heim <phreak@gentoo.org>
742 +hardened-sources-2.6.18-r2.ebuild:
743 Revision bump, including 2.6.18.5 (via genpatches) and
744 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
745 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
746 redesign.
747
748 06 Dec 2006; Christian Heim <phreak@gentoo.org>
749 hardened-sources-2.6.18.ebuild:
750 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
751 of Mike Doty).
752
753 *hardened-sources-2.6.18-r1 (23 Nov 2006)
754
755 23 Nov 2006; Christian Heim <phreak@gentoo.org>
756 +hardened-sources-2.6.18-r1.ebuild:
757 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
758
759 *hardened-sources-2.6.18 (11 Nov 2006)
760
761 11 Nov 2006; Christian Heim <phreak@gentoo.org>
762 +hardened-sources-2.6.18.ebuild:
763 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
764
765 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
766 - mark amd64 stable also. bug #151877
767
768 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
769 - mark 2.6.17-r1 stable
770
771 27 Aug 2006; Christian Heim <phreak@gentoo.org>
772 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
773 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
774
775 *hardened-sources-2.6.17-r1 (26 Aug 2006)
776
777 26 Aug 2006; Christian Heim <phreak@gentoo.org>
778 +hardened-sources-2.6.17-r1.ebuild:
779 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
780 grsecurity patch.
781
782 *hardened-sources-2.6.17 (17 Aug 2006)
783
784 17 Aug 2006; Christian Heim <phreak@gentoo.org>
785 +hardened-sources-2.6.17.ebuild:
786 Bumping the hardened-sources-2.6 series to 2.6.17, using
787 genpatches-2.6.17-6.base.
788
789 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
790 - stable on x86 and amd64
791
792 *hardened-sources-2.6.16-r11 (15 Jul 2006)
793
794 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
795 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
796 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
797 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
798 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
799 crusty ebuilds
800
801 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
802 hardened-sources-2.6.16-r10.ebuild:
803 marking stable on x86 and amd64
804
805 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
806 - 2.4.32-r6 stable on x86. RSBAC state unknown
807
808 *hardened-sources-2.4.32-r7 (10 Jul 2006)
809
810 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
811 +hardened-sources-2.4.32-r7.ebuild:
812 Bump PaX for RSBAC to test-17
813
814 *hardened-sources-2.6.16-r9 (03 Jul 2006)
815
816 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
817 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
818 hardened-sources-2.6.16 bump to latest -base.
819
820 *hardened-sources-2.4.32-r6 (30 Jun 2006)
821
822 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
823 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
824 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
825 sysctl controlable resource logging
826
827 *hardened-sources-2.6.16-r7 (05 Jun 2006)
828
829 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
830 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
831 push new 2.6.16 release in preparation for stable
832
833 22 May 2006; <solar@gentoo.org> :
834 - redigest bug 134002
835
836 *hardened-sources-2.4.32-r5 (16 May 2006)
837
838 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
839 +hardened-sources-2.4.32-r5.ebuild:
840 Fixes rsbac common patching (new patch in new -r5 patchset)
841
842 *hardened-sources-2.4.32-r4 (13 May 2006)
843
844 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
845 +hardened-sources-2.4.32-r4.ebuild:
846 - security bumps
847
848 *hardened-sources-2.6.16-r6 (03 May 2006)
849
850 03 May 2006; John Mylchreest <johnm@gentoo.org>
851 +hardened-sources-2.6.16-r6.ebuild:
852 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
853
854 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
855 hardened-sources-2.6.14-r8.ebuild:
856 fix x86_64 build problem, this will delay the digest issue again for a short
857 while but it will sort itself out
858
859 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
860 hardened-sources-2.6.14-r8.ebuild:
861 bump hardened patchset
862
863 27 Apr 2006; Alec Warner <antarus@gentoo.org>
864 files/digest-hardened-sources-2.4.32-r2,
865 files/digest-hardened-sources-2.4.32-r3,
866 files/digest-hardened-sources-2.6.14-r8, Manifest:
867 Fixing duff SHA256 digests: Bug # 131293
868
869 *hardened-sources-2.6.16-r5 (27 Apr 2006)
870
871 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
872 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
873 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
874 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
875 cleanup of old uneccessary sources
876
877 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
878 fix digest
879
880 *hardened-sources-2.6.14-r8 (20 Apr 2006)
881
882 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
883 +hardened-sources-2.6.14-r8.ebuild:
884 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
885
886 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
887 Turning on gpg-signing again, and recomitting
888
889 *hardened-sources-2.6.16-r4 (20 Apr 2006)
890
891 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
892 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
893 +hardened-sources-2.6.16-r4.ebuild:
894 Fix numerous security vulns
895
896 *hardened-sources-2.4.32-r3 (16 Apr 2006)
897
898 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
899 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
900 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
901 - security bump for bug #112791. Removed old ebuilds
902
903 *hardened-sources-2.6.16-r3 (15 Apr 2006)
904
905 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
906 +hardened-sources-2.6.16-r3.ebuild:
907 Removing silly localversion which I missed
908
909 *hardened-sources-2.6.14-r7 (14 Apr 2006)
910
911 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
912 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
913 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
914
915 *hardened-sources-2.6.16-r2 (13 Apr 2006)
916
917 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
918 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
919 +hardened-sources-2.6.16-r2.ebuild:
920 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
921 labels, dropping USERGROUP define fixes, since these were merged mainstream.
922
923 *hardened-sources-2.6.16-r1 (11 Apr 2006)
924
925 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
926 +hardened-sources-2.6.16-r1.ebuild:
927 Bumping to include ppc build fix and 2.6.16.3
928
929 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
930 hardened-sources-2.6.14-r6.ebuild:
931 Stable on x86; bug #127718
932
933 *hardened-sources-2.6.16 (31 Mar 2006)
934
935 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
936 +hardened-sources-2.6.16.ebuild:
937 Bumping to new version of grsec, and kernel base. New squashfs. Based on
938 2.6.16.1
939
940 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
941 hardened-sources-2.6.14-r6.ebuild:
942 Stable on amd64, bug 127718.
943
944 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
945 Stable on ppc. Bug #127718
946
947 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
948 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
949 -hardened-sources-2.6.14-r4.ebuild:
950 Cleanup.
951
952 *hardened-sources-2.6.14-r6 (15 Mar 2006)
953
954 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
955 +hardened-sources-2.6.14-r6.ebuild:
956 Fixes grsec policy recreation bug and adds a
957 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
958
959 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
960 - stable on x86
961
962 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
963 hardened-sources-2.6.14-r5.ebuild:
964 Stable on ppc.
965
966 *hardened-sources-2.6.14-r5 (01 Feb 2006)
967
968 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
969 +hardened-sources-2.6.14-r5.ebuild:
970 fixing every known exploit
971
972 *hardened-sources-2.4.32-r2 (26 Jan 2006)
973
974 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
975 +hardened-sources-2.4.32-r2.ebuild:
976 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
977
978 *hardened-sources-2.6.14-r4 (12 Jan 2006)
979
980 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
981 - version bump for new genpatches which fix up a few sec holes
982
983 *hardened-sources-2.4.32-r1 (05 Jan 2006)
984
985 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
986 - revision bump to add misc vital linux kernel security patches.
987
988 *hardened-sources-2.6.14-r3 (30 Dec 2005)
989
990 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
991 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
992 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
993
994 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
995 hardened-sources-2.6.14-r2.ebuild:
996 making x86 & amd64 stable following testing.
997
998 *hardened-sources-2.6.14-r2 (27 Dec 2005)
999
1000 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1001 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1002 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1003 network hooks.
1004
1005 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1006 hardened-sources-2.6.14-r1.ebuild:
1007 bumping to stable early for sec fix on x86 & amd64
1008
1009 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1010
1011 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1012 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1013 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1014
1015 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1016 - stable on x86 security bug #114227 CAN-2005-3257
1017
1018 *hardened-sources-2.4.32 (19 Nov 2005)
1019
1020 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1021 +hardened-sources-2.4.32.ebuild:
1022 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1023 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1024 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1025 rsbac >> /etc/portage/package.use)
1026
1027 *hardened-sources-2.6.14 (14 Nov 2005)
1028
1029 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1030 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1031 Bumping 2.6 series to 2.6.14.2
1032
1033 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1034
1035 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1036 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1037 +hardened-sources-2.6.13-r2.ebuild:
1038 Fixes minor build error in ppc.
1039
1040 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1041
1042 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1043 +hardened-sources-2.6.13-r1.ebuild:
1044 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1045 2.6.13.4, fixes some major amd64 stability problems.
1046
1047 *hardened-sources-2.6.13 (16 Sep 2005)
1048
1049 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1050 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1051 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1052 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1053 users should test this thoroughly.
1054
1055 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1056 - stable on x86
1057
1058 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1059
1060 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1061 +hardened-sources-2.6.11-r15.ebuild:
1062 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1063 grsec redefining curr_ip struct.
1064
1065 *hardened-sources-2.4.31 (20 Jun 2005)
1066
1067 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1068 initial import of 2.4.31 tree
1069
1070 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1071
1072 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1073 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1074 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1075 naming scheme to abide by genpatches
1076
1077 *hardened-sources-2.6.11-r13 (18 May 2005)
1078
1079 18 May 2005; John Mylchreest <johnm@gentoo.org>
1080 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1081 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1082 target. sorry about that. Fixes bug #93022
1083
1084 *hardened-sources-2.6.11-r12 (17 May 2005)
1085
1086 17 May 2005; John Mylchreest <johnm@gentoo.org>
1087 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1088 +hardened-sources-2.6.11-r12.ebuild:
1089 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1090 merges in genpatches-base
1091
1092 *hardened-sources-2.6.11-r12 (17 May 2005)
1093
1094 17 May 2005; John Mylchreest <johnm@gentoo.org>
1095 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1096 +hardened-sources-2.6.11-r12.ebuild:
1097 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1098 merges in genpatches-base
1099
1100 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1101 -files/2.4.27-cmdline-race.patch,
1102 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1103 -files/2.4.28-grsec-binfmt_a.out.patch,
1104 -files/2.4.28-grsec-cmdline-race.patch,
1105 -files/2.4.28-selinux-binfmt_a.out.patch,
1106 -files/2.4.28-selinux-cmdline-race.patch,
1107 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1108 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1109 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1110 cleanup..
1111
1112 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1113
1114 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1115 - disable aout by default
1116
1117 *hardened-sources-2.4.30 (18 Apr 2005)
1118
1119 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1120 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1121 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1122 use
1123
1124 *hardened-sources-2.4.29 (30 Mar 2005)
1125
1126 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1127 +hardened-sources-2.4.29.ebuild:
1128 New hardened-patches-2.4-29.0 patchball.
1129 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1130
1131 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1132
1133 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1134 +hardened-sources-2.4.28-r5.ebuild:
1135 Added a fix for a PaX vulnerability.
1136
1137 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1138 hardened-sources-2.4.28-r4.ebuild:
1139 Stable on x86
1140
1141 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1142 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1143 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1144 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1145 - fixed/added RDEPEND= in all kernel-2 ebuilds
1146
1147 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1148
1149 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1150 +hardened-sources-2.4.28-r4.ebuild:
1151 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1152 backport of neighbour hash updates.
1153
1154 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1155 hardened-sources-2.4.28-r3.ebuild:
1156 Stable on x86
1157
1158 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1159
1160 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1161 +hardened-sources-2.6.10-r3.ebuild:
1162 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1163 in 2005.0
1164
1165 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1166 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1167 hardened-sources-2.4.28-r2.ebuild:
1168 Mark stable on x86
1169
1170 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1171
1172 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1173 +hardened-sources-2.4.28-r3.ebuild:
1174 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1175
1176 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1177 hardened-sources-2.4.28.ebuild:
1178 Mark stable on x86.
1179
1180 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1181
1182 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1183 +hardened-sources-2.4.28-r2.ebuild:
1184 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1185 Mazinger for grsecurity patches as well.
1186
1187 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1188
1189 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1190 Security bump. Thank tocharian for rolling a new patchset...
1191
1192 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1193 +files/2.4.28-grsec-cmdline-race.patch,
1194 +files/2.4.28-selinux-binfmt_a.out.patch,
1195 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1196 - Round up remaining security patches that appear to be missing in 2.4.28. -
1197 PaX standalone updated to current. hgpv=28.1
1198
1199 *hardened-sources-2.4.28 (28 Nov 2004)
1200
1201 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1202 security bump. Thank tocharian for rolling a new patchset
1203
1204 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1205
1206 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1207 +hardened-sources-2.4.27-r3.ebuild:
1208 Applies the new 2.4-27.2 patchball which updates
1209 GRSecurity to the 2.0.1 version.
1210
1211 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1212
1213 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1214 +hardened-sources-2.4.27-r2.ebuild:
1215 Version bump.
1216 This version uses the new 2.4-27.1 patchball which updates
1217 both the SELinux PaX hooks patch and the SELinux headers.
1218
1219 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1220
1221 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1222 +hardened-sources-2.4.27-r1.ebuild,
1223 -hardened-sources-2.4.27.ebuild,
1224 +files/2.4.27-cmdline-race.patch:
1225 Version bump, fix for cmdline race. See bug #59905.
1226
1227 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1228
1229 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1230 +hardened-sources-2.4.26-r6.ebuild,
1231 -hardened-sources-2.4.26-r5.ebuild,
1232 -hardened-sources-2.4.26-r4.ebuild,
1233 +files/2.4.26-cmdline-race.patch:
1234 Version bump, fix for cmdline race. See bug #59905.
1235
1236 *hardened-sources-2.4.27 (08 Aug 2004)
1237
1238 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1239 +hardened-sources-2.4.27.ebuild,
1240 +files/2.4.27-CAN-2004-0394.patch:
1241 Ported the patchball to the 2.4.27 kernel version.
1242
1243 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1244
1245 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1246 +hardened-sources-2.4.26-r5.ebuild:
1247 Updated to use the new hardened-patches-2.4-26.1 patchball.
1248 It adds the following features:
1249 - Squashfs
1250 - Ebtables
1251 - Netdev random (core+drivers)
1252 - Watchdog Timer (WDT) fix.
1253
1254 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1255
1256 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1257 +hardened-sources-2.4.26-r4.ebuild,
1258 +files/2.4.26-CAN-2004-0415.patch,
1259 -hardened-sources-2.4.26-3:
1260 Version bump, fix for CAN 0415, see bug #59378.
1261
1262 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1263
1264 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1265 +hardened-sources-2.4.26-r3.ebuild,
1266 +files/2.4.26-CAN-2004-0497.patch,
1267 -hardened-sources-2.4.26-r2.ebuild:
1268 Version bump, fixed CAN 0497, see bug #56171.
1269
1270 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1271
1272 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1273 +hardened-sources-2.4.26-r2.ebuild,
1274 +files/2.4.26-CAN-2004-0495.patch,
1275 +files/2.4.26-CAN-2004-0535.patch,
1276 -hardened-sources-2.4.26-r1.ebuild:
1277 Fixes for both CAN 0495 and 0535, see bug #54976
1278
1279 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1280 hardened-sources-2.4.26-r1.ebuild:
1281 QA - fix use invocation
1282
1283 *hardened-sources-2.4.26-r1 (22 June 2004)
1284
1285 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1286 +hardened-sources-2.4.26-r1.ebuild,
1287 +files/2.4.26-CAN-2004-0394.patch,
1288 +files/2.4.26-signal-race.patch,
1289 -hardened-sources-2.4.26.ebuild,
1290 -hardened-sources-2.4.24-r3.ebuild:
1291 Version bump for the CAN-2004-0394 issue and bug #53804
1292 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1293
1294
1295 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1296 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1297 Masked hardened-sources-2.4.26.ebuild broken for ppc
1298
1299 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1300 hardened-sources-2.4.24-r3.ebuild:
1301 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1302
1303 *hardened-sources-2.4.26 (29 May 2004)
1304
1305 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1306 +hardened-sources-2.4.26.ebuild:
1307 Updated hardened-sources for the 2.4.26 kernel
1308 Removed broken components, updated almost everything.
1309
1310 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1311
1312 17 Apr 2004; <plasmaroo@gentoo.org>
1313 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1314 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1315 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1316 +hardened-sources-2.4.24-r3.ebuild:
1317 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1318 vulnerabilities. Old revisions removed.
1319
1320 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1321
1322 15 Apr 2004; <plasmaroo@gentoo.org>
1323 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1324 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1325 Version bump for the CAN-2004-0109 issue; bug #47881.
1326
1327 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1328 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1329 Add eutils to inherit.
1330
1331 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1332
1333 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1334 files/hardened-sources-2.4.24.munmap.patch:
1335 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1336
1337 *hardened-sources-2.4.24 (06 Feb 2004)
1338
1339 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1340 hardened-sources-2.4.24.ebuild:
1341 Version bump, updated most of the components.
1342 This release includes the following:
1343
1344 - Hardened security
1345 - Netfilter patch-o-matic 20031219
1346 - FreeSWAN 2.04 & x509 1.4.8
1347 - EVMS 2.2.2
1348 - XFS 1.3.1
1349 - cryptoloop jari
1350 - grsecurity 2.0-rc4
1351 - SELinux
1352 - PaX 200402060000
1353 - PaX Obscurity 200308302223
1354 - Others...
1355
1356 Neither -ck nor systrace are included anymore.
1357
1358 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1359
1360 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1361 hardened-sources-2.4.22-r2.ebuild:
1362 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1363
1364 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1365
1366 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1367 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1368
1369 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1370 hardened-sources-2.4.22-r1.ebuild:
1371 Version bump for the 'do_brk' vulnerability.
1372
1373 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1374 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1375 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1376 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1377 Fix the 'do_brk' vulnerability.
1378
1379 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1380 hardened-sources-2.4.22.ebuild:
1381 - Removed the src_install() portion for SELinux flask
1382 components. These are no longer handled in the kernel
1383 so this code was not necessary.
1384
1385 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1386 New 2.4.22 based hardened-sources thanks to
1387 Phil West <p.west@computer.org>.
1388
1389 These sources include:
1390 - New SELinux API
1391 - Updated CK-base
1392 - Updated GRSec
1393 - Systrace
1394 - SuperFreeS/WAN 1.99.8
1395 - Propolice kernel build support
1396 - EVMS
1397 - Other various security related patches
1398
1399 *hardened-sources-2.4.21 (14 Sep 2003)
1400
1401 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1402 Updated hardened-sources based on the 2.4.21 Linux kernel.
1403 This includes updates to most major components such as:
1404 - ck-base-0306300059
1405 - selinux-2.4-2003071106
1406 - grsecurity-2.0-rc1
1407 - Updated IPTables patch-o-matic
1408 - Updated SuperFreeS/WAN
1409
1410 Thanks to Phil West <pwest@computer.org> for his work in getting this
1411 updated patch set ready for the 2.4.21 based kernel.
1412
1413 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1414 Initial import of hardened-sources-2.4.20-r4. This revision
1415 includes only a few changes, but one of these is an important
1416 security fix. It is recommended all users of hardened-sources
1417 upgrade to this release.
1418
1419 - ioperm bug fix
1420 - fixed compilation failure when building without GRSec
1421
1422 SAL (Secure Auditing for Linux) is NOT included in this revision
1423 due to time constraints, but is planned for inclusion in the near
1424 future.
1425
1426 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1427
1428 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1429 hardened-sources-2.4.20-r3.ebuild:
1430 Add Header...
1431
1432 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1433 hardened-sources-2.4.20-r3.ebuild:
1434 Removed warnings from ebuild. This kernel should be safe to
1435 use at this point.
1436
1437 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1438
1439 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1440 hardened-sources-2.4.20-r3.ebuild:
1441 New revision. Includes the following changes over -r2:
1442
1443 - ck7-base (O(1), preempt, low latency)
1444 - Super FreeS/WAN 1.99.7rc2
1445 - PaX for the LSM/SELinux branch
1446 - GRSecurity 2.0-pre4 (role based access control)
1447 - Systrace 1.3
1448 - EXT3 fixes
1449 - EVMS 2.0.1
1450 - GCC 3.1+ compile optimizations
1451 - ProPolice kernel build support
1452 - Hashing table security fixes
1453
1454 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1455
1456 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1457 Initial import of hardened-sources-r2. This new
1458 ebuild includes many new performance and security
1459 related patches. As in -r1, it will patch in
1460 LSM/SELinux if "selinux" is in USE, otherwise it
1461 will patch in GRSecurity. The following patches
1462 are included in this revision:
1463
1464 - O(1) Scheduler, Low Latency, and Preempt
1465 (pulled from the base CK patch)
1466 - ptrace exploit patch for the LSM kernel
1467 (the GRSec patch already fixes this)
1468 - LSM 2.4-2003040709
1469 - SELinux 2.4-2003040709
1470 - Systrace v1.2
1471 - IPTables patch-o-matic base patches - 20030107
1472 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1473 - Super FreeS/WAN 1.99.6.1
1474 - GRSecurity 1.9.9g
1475 - MPPE
1476 - EXT3 data journal fix
1477 - CIPE 1.5.4
1478
1479 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1480 hardened-sources-2.4.20-r1.ebuild, manifest:
1481 Updated to install flask components correctly for selinux.
1482
1483 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1484 hardened-sources-2.4.20-r1.ebuild:
1485 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1486 is patched in instead. Ptrace patches for selinux have also been added. In
1487 either case, systrace support will be patched in as well.
1488
1489 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1490 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1491 Revision bump for new sources.
1492
1493 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1494 hardened-sources-2.4.20-r1.ebuild:
1495 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1496
1497 *hardened-sources-2.4.20 (30 Mar 2003)
1498
1499 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1500 hardened-sources-2.4.20.ebuild:
1501 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20