/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.244 - (show annotations) (download)
Thu Oct 9 19:39:20 2008 UTC (5 years, 10 months ago) by gengor
Branch: MAIN
Changes since 1.243: +8 -1 lines
Add 2.6.25-r8, remove old versions.
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.243 2008/09/20 16:11:28 nixnut Exp $
4
5 *hardened-sources-2.6.25-r8 (09 Oct 2008)
6
7 09 Oct 2008; Gordon Malm <gengor@gentoo.org>
8 -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
9 -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
10 Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
11
12 20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
13 Stable on ppc
14
15 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
16 hardened-sources-2.6.25-r7.ebuild:
17 Stable amd64/x86.
18
19 *hardened-sources-2.6.26-r2 (13 Sep 2008)
20
21 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
22 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
23 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
24 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
25
26 *hardened-sources-2.6.25-r7 (13 Sep 2008)
27
28 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
29 +hardened-sources-2.6.25-r7.ebuild:
30 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
31
32 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
33 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
34 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
35 hardened-sources-2.6.26-r1.ebuild:
36 Update DESCRIPTION and HGPV_URI.
37
38 *hardened-sources-2.6.25-r6 (09 Sep 2008)
39
40 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
41 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
42 2.6.25-r6: Update to Linux 2.6.25.17.
43 2.6.24-r3: Removed.
44
45 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
46 hardened-sources-2.6.25-r5.ebuild:
47 Stable on amd64/x86
48
49 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
50 Update my email address.
51
52 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
53 stable on ppc
54
55 *hardened-sources-2.6.26-r1 (23 Aug 2008)
56 *hardened-sources-2.6.25-r5 (23 Aug 2008)
57
58 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
59 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
60 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
61 +hardened-sources-2.6.26-r1.ebuild:
62 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
63 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
64 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
65 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
66 (gengor).
67
68 *hardened-sources-2.6.26 (18 Aug 2008)
69 *hardened-sources-2.6.25-r4 (18 Aug 2008)
70
71 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
72 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
73 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
74 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
75 2.6.25-r2: Removed.
76
77 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
78 Remove phreak from metadata.xml (#96398)
79
80 *hardened-sources-2.6.25-r3 (31 Jul 2008)
81
82 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
83 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
84 +hardened-sources-2.6.25-r3.ebuild:
85 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
86 fixes, including security bug #231750.
87
88 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
89 Stable on ppc
90
91 *hardened-sources-2.6.25-r2 (05 Jul 2008)
92
93 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
94 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
95 +hardened-sources-2.6.25-r2.ebuild:
96 2.6.23-r4: Stable x86/amd64
97 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
98 2.6.23-r{11,12}: Removed due to multiple vulns.
99 (gengor & kerframil)
100
101 04 Jul 2008; nixnut <nixnut@gentoo.org>
102 hardened-sources-2.6.23-r13.ebuild:
103 Stable on ppc
104
105 *hardened-sources-2.6.25-r1 (30 Jun 2008)
106
107 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
108 +hardened-sources-2.6.25-r1.ebuild:
109 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
110 grsecurity release. 2.6.23-r13: x86/amd64 stable
111
112 *hardened-sources-2.6.25 (17 Jun 2008)
113 *hardened-sources-2.6.24-r3 (17 Jun 2008)
114 *hardened-sources-2.6.23-r13 (17 Jun 2008)
115
116 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
117 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
118 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
119 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
120 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
121 2.6.25: Initial 2.6.25 release.
122
123 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
124 - fasttrack to stable x86/amd64
125
126 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
127 Fix broken digest for linux-2.6.24.tar.bz2.
128
129 *hardened-sources-2.6.24-r2 (11 May 2008)
130 *hardened-sources-2.6.23-r12 (11 May 2008)
131
132 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
133 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
134 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
135 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
136 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
137 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
138 security bugs 219901, 220691, 220975, 220979, 221123. New
139 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
140 should be removed as far as I'm concerned, everything else remove due to
141 vulnerable to numerous security bugs or brokeness.
142
143 10 May 2008; nixnut <nixnut@gentoo.org>
144 hardened-sources-2.6.23-r11.ebuild:
145 Stable on ppc
146
147 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
148 - -r11 stable on x86/amd64
149
150 *hardened-sources-2.6.23-r11 (01 May 2008)
151
152 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
153 - version bump to fix ulgy linux bugs
154
155 *hardened-sources-2.6.24-r1 (30 Apr 2008)
156
157 30 Apr 2008; Christian Heim <phreak@gentoo.org>
158 +hardened-sources-2.6.24-r1.ebuild:
159 Revision bump (thanks to Kerin and Gordon, again), pulling
160 genpatches-2.6.24-7, solving #219089. Additionally contains further security
161 fixes plus some minor updates.
162
163 *hardened-sources-2.6.23-r10 (30 Apr 2008)
164
165 30 Apr 2008; Christian Heim <phreak@gentoo.org>
166 +hardened-sources-2.6.23-r10.ebuild:
167 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
168 Additional contains "various other fixes".
169
170 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
171 Update the longdescription in metadata, thanks to Gordon Malm.
172
173 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
174 Stable on ppc wrt bug #213255
175
176 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
177 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
178 - stable on x86/amd64 per request. Removed obsolete ebuilds
179
180 *hardened-sources-2.6.24 (07 Apr 2008)
181
182 07 Apr 2008; Christian Heim <phreak@gentoo.org>
183 +hardened-sources-2.6.24.ebuild:
184 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
185 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
186 for the many contributions and their continued effort in #216612) based on
187 2.6.24 and genpatches-2.6.24-5.
188
189 The current ebuild/patchset contains these things:
190 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
191 * Introduces bespoke server and workstation oriented security levels
192 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
193
194 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
195 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
196 maintaining it).
197
198 24 Mar 2008; Christian Heim <phreak@gentoo.org>
199 hardened-sources-2.4.35-r2.ebuild:
200 Fixing SRC_URI for 2.4.35-r2.
201
202 *hardened-sources-2.6.23-r9 (22 Mar 2008)
203
204 22 Mar 2008; Christian Heim <phreak@gentoo.org>
205 +hardened-sources-2.6.23-r9.ebuild:
206 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
207 * Change the default GIDs for some grsecurity options
208 * Revamp the Hardened [Gentoo] security level and make it the default level
209 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
210 * Fix a recursive lock -- call to capable() within ptrace_attach()
211 * Fix bug that allows audit and iscsi operations to be controlled via netlink
212
213 *hardened-sources-2.6.23-r8 (27 Feb 2008)
214
215 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
216 - version bump from Kerin Millar bug 210026
217
218 17 Feb 2008; <solar@gentoo.org> metadata.xml,
219 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
220 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
221 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
222 - stable on x86 and remove old ebuilds
223
224 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
225 - stable on amd64 per request of amd64 lead
226
227 *hardened-sources-2.6.23-r7 (11 Feb 2008)
228
229 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
230 - version bump from kerin.millar
231 Changes:
232
233 * Bump to genpatches-base-2.6.23-9
234 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
235 * Disables COMPAT_VDSO in x86/defconfig
236 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
237
238 25 Jan 2008; Christian Heim <phreak@gentoo.org>
239 -hardened-sources-2.6.22-r8.ebuild:
240 Cleaning up old versions.
241
242 *hardened-sources-2.6.23-r6 (25 Jan 2008)
243
244 25 Jan 2008; Christian Heim <phreak@gentoo.org>
245 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
246 Revision bump, pulling in the latest genpatches.
247
248 *hardened-sources-2.6.23-r5 (24 Dec 2007)
249
250 24 Dec 2007; Christian Heim <phreak@gentoo.org>
251 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
252 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
253 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
254 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
255
256 24 Dec 2007; Christian Heim <phreak@gentoo.org>
257 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
258 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
259 -hardened-sources-2.6.23-r3.ebuild:
260 Cleaning out some unused, old versions.
261
262 24 Dec 2007; Christian Heim <phreak@gentoo.org>
263 hardened-sources-2.6.23-r4.ebuild:
264 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
265 in the tree for long, but there isn't much of a difference between this and
266 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
267
268 *hardened-sources-2.6.23-r4 (23 Dec 2007)
269
270 23 Dec 2007; Christian Heim <phreak@gentoo.org>
271 +hardened-sources-2.6.23-r4.ebuild:
272 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
273
274 *hardened-sources-2.6.23-r3 (04 Dec 2007)
275
276 04 Dec 2007; Christian Heim <phreak@gentoo.org>
277 +hardened-sources-2.6.23-r3.ebuild:
278 Revision bump, pulling in 2.6.23.9.
279
280 *hardened-sources-2.6.23-r2 (25 Nov 2007)
281
282 25 Nov 2007; Christian Heim <phreak@gentoo.org>
283 +hardened-sources-2.6.23-r2.ebuild:
284 Updated patchset, thanks to solar.
285
286 *hardened-sources-2.6.23-r1 (31 Oct 2007)
287
288 31 Oct 2007; Christian Heim <phreak@gentoo.org>
289 +hardened-sources-2.6.23-r1.ebuild:
290 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
291
292 29 Oct 2007; <solar@gentoo.org> metadata.xml:
293 - update metadata.xml
294
295 25 Oct 2007; Christian Heim <phreak@gentoo.org>
296 hardened-sources-2.6.22-r8.ebuild:
297 Marking 2.6.22-r8 stable on amd64 and x86.
298
299 21 Oct 2007; Christian Heim <phreak@gentoo.org>
300 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
301 -hardened-sources-2.6.21-r4.ebuild:
302 Removing old ebuilds.
303
304 *hardened-sources-2.4.35-r2 (21 Oct 2007)
305
306 21 Oct 2007; Christian Heim <phreak@gentoo.org>
307 +hardened-sources-2.4.35-r2.ebuild:
308 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
309 patches.
310
311 *hardened-sources-2.6.22-r8 (21 Oct 2007)
312
313 21 Oct 2007; Christian Heim <phreak@gentoo.org>
314 +hardened-sources-2.6.22-r8.ebuild:
315 Yet another new patch, hopefully fixing the remaining issues we had w/
316 2.6.22. Candidate for stabling.
317
318 *hardened-sources-2.6.23 (13 Oct 2007)
319
320 13 Oct 2007; Christian Heim <phreak@gentoo.org>
321 +hardened-sources-2.6.23.ebuild:
322 Initial hardened-sources-2.6.23. If people still have problems w/ bug
323 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
324
325 11 Oct 2007; Christian Heim <phreak@gentoo.org>
326 hardened-sources-2.6.20-r10.ebuild:
327 Pulling in yet another new genpatches version, fixing the PWC bug for real.
328
329 04 Oct 2007; Christian Heim <phreak@gentoo.org>
330 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
331 Removing old versions.
332
333 *hardened-sources-2.6.22-r7 (01 Oct 2007)
334
335 01 Oct 2007; Christian Heim <phreak@gentoo.org>
336 +hardened-sources-2.6.22-r7.ebuild:
337 Revision bump, pulling in a newer patch. Should fix #194276.
338
339 30 Sep 2007; Christian Heim <phreak@gentoo.org>
340 hardened-sources-2.6.20-r10.ebuild:
341 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
342 Mike Doty).
343
344 *hardened-sources-2.6.22-r6 (26 Sep 2007)
345
346 26 Sep 2007; Christian Heim <phreak@gentoo.org>
347 +hardened-sources-2.6.22-r6.ebuild:
348 Revision bump, grabbing up till Linux 2.6.22.9.
349
350 24 Sep 2007; Christian Heim <phreak@gentoo.org>
351 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
352 Cleaning up further.
353
354 *hardened-sources-2.6.20-r10 (24 Sep 2007)
355
356 24 Sep 2007; Christian Heim <phreak@gentoo.org>
357 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
358 +hardened-sources-2.6.20-r10.ebuild:
359 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
360 revisions.
361
362 *hardened-sources-2.6.22-r5 (22 Sep 2007)
363
364 22 Sep 2007; Christian Heim <phreak@gentoo.org>
365 +hardened-sources-2.6.22-r5.ebuild:
366 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
367
368 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
369 Removing johnm from metadata.xml (see #186467 for reference).
370
371 *hardened-sources-2.6.22-r4 (17 Sep 2007)
372
373 17 Sep 2007; Christian Heim <phreak@gentoo.org>
374 +hardened-sources-2.6.22-r4.ebuild:
375 Revision bump, hopefully fixing all those weird PAX failures.
376
377 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
378 Updating the metadata.xml.
379
380 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
381 Removing tocharian from metadata due to his retirement (see #71718 for
382 reference).
383
384 *hardened-sources-2.6.20-r9 (30 Aug 2007)
385
386 30 Aug 2007; Christian Heim <phreak@gentoo.org>
387 +hardened-sources-2.6.20-r9.ebuild:
388 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
389
390 29 Aug 2007; Christian Heim <phreak@gentoo.org>
391 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
392 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
393 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
394 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
395 -hardened-sources-2.6.22-r2.ebuild:
396 Removing some redundant versions.
397
398 *hardened-sources-2.4.35-r1 (29 Aug 2007)
399
400 29 Aug 2007; Christian Heim <phreak@gentoo.org>
401 +hardened-sources-2.4.35-r1.ebuild:
402 Revision bump, new grsecurity patch.
403
404 *hardened-sources-2.6.20-r8 (26 Aug 2007)
405
406 26 Aug 2007; Christian Heim <phreak@gentoo.org>
407 +hardened-sources-2.6.20-r8.ebuild:
408 Revision bump for Linux 2.6.20.17.
409
410 *hardened-sources-2.6.22-r3 (22 Aug 2007)
411
412 22 Aug 2007; Christian Heim <phreak@gentoo.org>
413 +hardened-sources-2.6.22-r3.ebuild:
414 Revision bump for Linux 2.6.22.4.
415
416 16 Aug 2007; Christian Heim <phreak@gentoo.org>
417 hardened-sources-2.6.22-r2.ebuild:
418 Updated patchset, to fix the alignment against 2.6.22.3.
419
420 *hardened-sources-2.6.22-r2 (16 Aug 2007)
421
422 16 Aug 2007; Christian Heim <phreak@gentoo.org>
423 +hardened-sources-2.6.22-r2.ebuild:
424 Revision bump for Linux 2.6.22.3.
425
426 *hardened-sources-2.4.35 (16 Aug 2007)
427
428 16 Aug 2007; Christian Heim <phreak@gentoo.org>
429 +hardened-sources-2.4.35.ebuild:
430 Version bump, initial version for Linux 2.4.35.
431
432 *hardened-sources-2.6.21-r4 (16 Aug 2007)
433
434 16 Aug 2007; Christian Heim <phreak@gentoo.org>
435 +hardened-sources-2.6.21-r4.ebuild:
436 Revision bump for Linux 2.6.21.6.
437
438 *hardened-sources-2.6.20-r7 (16 Aug 2007)
439
440 16 Aug 2007; Christian Heim <phreak@gentoo.org>
441 +hardened-sources-2.6.20-r7.ebuild:
442 Revision bump for Linux 2.6.20.16.
443
444 *hardened-sources-2.6.22-r1 (13 Aug 2007)
445
446 13 Aug 2007; Christian Heim <phreak@gentoo.org>
447 +hardened-sources-2.6.22-r1.ebuild:
448 Yet another revision bump.
449
450 *hardened-sources-2.6.22 (10 Aug 2007)
451
452 10 Aug 2007; Christian Heim <phreak@gentoo.org>
453 +hardened-sources-2.6.22.ebuild:
454 Initial release for 2.6.22. If you are using hardened-sources on a desktop
455 machine (P4 or newer), be aware you might need to disable
456 CONFIG_PAX_PAGEEXEC.
457
458 04 Aug 2007; Christian Heim <phreak@gentoo.org>
459 hardened-sources-2.6.20-r6.ebuild:
460 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
461 2.6.20.15.
462
463 10 Jul 2007; Christian Heim <phreak@gentoo.org>
464 hardened-sources-2.6.20-r5.ebuild:
465 Marking hardened-sources-2.6.20-r5 stable on ppc.
466
467 10 Jul 2007; Christian Heim <phreak@gentoo.org>
468 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
469 Cleanup.
470
471 *hardened-sources-2.6.20-r6 (08 Jul 2007)
472
473 08 Jul 2007; Christian Heim <phreak@gentoo.org>
474 +hardened-sources-2.6.20-r6.ebuild:
475 Revision bump, grabbing yet another stable release.
476
477 17 Jun 2007; Christian Heim <phreak@gentoo.org>
478 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
479 -hardened-sources-2.6.21-r2.ebuild:
480 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
481 alpha stable KEYWORD by mistake.
482
483 17 Jun 2007; Christian Heim <phreak@gentoo.org>
484 hardened-sources-2.6.20-r5.ebuild:
485 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
486 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
487
488 *hardened-sources-2.6.21-r3 (12 Jun 2007)
489
490 12 Jun 2007; Christian Heim <phreak@gentoo.org>
491 +hardened-sources-2.6.21-r3.ebuild:
492 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
493 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
494 love.
495
496 *hardened-sources-2.6.20-r5 (11 Jun 2007)
497
498 11 Jun 2007; Christian Heim <phreak@gentoo.org>
499 +hardened-sources-2.6.20-r5.ebuild:
500 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
501 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
502 love.
503
504 *hardened-sources-2.4.34.5 (11 Jun 2007)
505
506 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
507 +hardened-sources-2.4.34.5.ebuild:
508 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
509
510 30 May 2007; Christian Heim <phreak@gentoo.org>
511 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
512 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
513 stale ebuild(s).
514
515 30 May 2007; Christian Heim <phreak@gentoo.org>
516 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
517 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
518 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
519 Doing some cleanups, remove stale ebuilds.
520
521 26 May 2007; Christian Heim <phreak@gentoo.org>
522 hardened-sources-2.6.21-r2.ebuild:
523 Fixing the grsecurity patch, had one '};' too much.
524
525 *hardened-sources-2.6.21-r2 (26 May 2007)
526
527 26 May 2007; Christian Heim <phreak@gentoo.org>
528 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
529 +hardened-sources-2.6.21-r2.ebuild:
530 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
531 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
532
533 *hardened-sources-2.6.20-r4 (26 May 2007)
534
535 26 May 2007; Christian Heim <phreak@gentoo.org>
536 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
537 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
538 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
539
540 15 May 2007; Christian Heim <phreak@gentoo.org>
541 hardened-sources-2.6.20-r3.ebuild:
542 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
543 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
544 grsecurity patch fail in that exact same hunk.
545
546 *hardened-sources-2.6.20-r3 (15 May 2007)
547
548 15 May 2007; Christian Heim <phreak@gentoo.org>
549 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
550 Revision bump, incorporating Linux 2.6.20.11.
551
552 *hardened-sources-2.6.21-r1 (11 May 2007)
553
554 11 May 2007; Christian Heim <phreak@gentoo.org>
555 +hardened-sources-2.6.21-r1.ebuild:
556 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
557 mentioned in #177234.
558
559 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
560 files/digest-hardened-sources-2.6.21, Manifest:
561 Fix Manifest/digest for linux-2.6.21.tar.bz2
562
563 06 May 2007; Christian Heim <phreak@gentoo.org>
564 hardened-sources-2.6.21.ebuild:
565 Bumping the hardened-patches version, needed for the fix for #177234.
566
567 *hardened-sources-2.6.21 (02 May 2007)
568
569 02 May 2007; Christian Heim <phreak@gentoo.org>
570 +hardened-sources-2.6.21.ebuild:
571 Version bump, Linux 2.6.21-hardened.
572
573 29 Apr 2007; Christian Heim <phreak@gentoo.org>
574 hardened-sources-2.6.20-r2.ebuild:
575 Adding ~ia64 on Ned's request.
576
577 29 Apr 2007; Christian Heim <phreak@gentoo.org>
578 hardened-sources-2.6.20-r2.ebuild:
579 Fixing the included grsecurity patch, wasn't alligning due to the Index:
580 header line(s).
581
582 29 Apr 2007; Christian Heim <phreak@gentoo.org>
583 hardened-sources-2.6.20-r2.ebuild:
584 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
585
586 *hardened-sources-2.6.20-r2 (10 Apr 2007)
587
588 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
589 +hardened-sources-2.6.20-r2.ebuild:
590 Version bump, on behalf of phreak
591
592 *hardened-sources-2.6.20-r1 (04 Apr 2007)
593
594 04 Apr 2007; Christian Heim <phreak@gentoo.org>
595 +hardened-sources-2.6.20-r1.ebuild:
596 Revision bump, grabbing a newer grsecurity snapshot.
597
598 *hardened-sources-2.6.20 (25 Mar 2007)
599
600 25 Mar 2007; Christian Heim <phreak@gentoo.org>
601 +hardened-sources-2.6.20.ebuild:
602 Finally a hardened-sources version for 2.6.20; many people have been waiting
603 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
604 testbox.
605
606 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
607 hardened-sources-2.6.18-r6.ebuild:
608 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
609
610 *hardened-sources-2.6.18-r6 (16 Mar 2007)
611
612 16 Mar 2007; Christian Heim <phreak@gentoo.org>
613 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
614 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
615 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
616 supposed to be.
617
618 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
619 Fixing the Manifest, the previous one was broken (as in still had the
620 deleted ebuild in it).
621
622 06 Mar 2007; Christian Heim <phreak@gentoo.org>
623 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
624 +hardened-sources-2.6.18-r5.ebuild:
625 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
626 Linux 2.6.18.8. Also cleaning up the older version.
627
628 *hardened-sources-2.6.18-r5 (06 Mar 2007)
629
630 06 Mar 2007; Christian Heim <phreak@gentoo.org>
631 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
632 +hardened-sources-2.6.18-r5.ebuild:
633 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
634 Linux 2.6.18.8. Also cleaning up the older version.
635
636 24 Feb 2007; Christian Heim <phreak@gentoo.org>
637 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
638 -hardened-sources-2.6.19-r5.ebuild:
639 Removing some of the old version, that didn't work.
640
641 *hardened-sources-2.6.19-r6 (12 Feb 2007)
642
643 12 Feb 2007; Christian Heim <phreak@gentoo.org>
644 +hardened-sources-2.6.19-r6.ebuild:
645 Revision bump, including a new grsec version fixing #166235.
646
647 *hardened-sources-2.4.34 (24 Jan 2007)
648
649 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
650 Manifest:
651 updating Manifest with checksums of new tarball and ebuild
652
653 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
654 +hardened-sources-2.4.34.ebuild:
655 I added new hardened sources 2.4 update, this is a critical path
656 security bugfix - all users of h-s are strongly advised
657 to update their existing hardened sources to this version.
658 It contains a fix for a kernel vulnerability that is pertaining
659 to the PaX changes to virtual memory management, possibly leading
660 to a local kernel exploit ... see grsecurity.net forums and homepage
661
662 23 Jan 2007; Christian Heim <phreak@gentoo.org>
663 files/digest-hardened-sources-2.6.19-r5, Manifest:
664 Fixing the patch-tarball digest.
665
666 *hardened-sources-2.6.19-r5 (23 Jan 2007)
667
668 23 Jan 2007; Christian Heim <phreak@gentoo.org>
669 +hardened-sources-2.6.19-r5.ebuild:
670 Revision bump, closing the recently discovered PaX expand_stack()
671 vulnerability.
672
673 *hardened-sources-2.6.19-r4 (14 Jan 2007)
674
675 14 Jan 2007; Christian Heim <phreak@gentoo.org>
676 +hardened-sources-2.6.19-r4.ebuild:
677 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
678 dropping the randomized PID feature.
679
680 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
681 hardened-sources-2.4.33.4.ebuild:
682 stable x86, bug #161171
683
684 *hardened-sources-2.6.19-r3 (27 Dec 2006)
685
686 27 Dec 2006; Christian Heim <phreak@gentoo.org>
687 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
688 Revision bump for bug #157186 and #158786.
689
690 *hardened-sources-2.6.18-r4 (27 Dec 2006)
691
692 27 Dec 2006; Christian Heim <phreak@gentoo.org>
693 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
694 Revision bump for bug #157186.
695
696 *hardened-sources-2.6.19-r2 (23 Dec 2006)
697
698 23 Dec 2006; Christian Heim <phreak@gentoo.org>
699 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
700 Revision bump to pull in genpatches-2.6.19-3 for #157186.
701
702 17 Dec 2006; Christian Heim <phreak@gentoo.org>
703 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
704 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
705 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
706 hardened-sources-2.6.19-r1.ebuild:
707 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
708 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
709
710 *hardened-sources-2.4.33.4 (17 Dec 2006)
711
712 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
713 +hardened-sources-2.4.33.4.ebuild:
714 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
715 and quilting
716
717 *hardened-sources-2.6.19-r1 (14 Dec 2006)
718
719 14 Dec 2006; Christian Heim <phreak@gentoo.org>
720 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
721 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
722 for reporting).
723
724 *hardened-sources-2.6.19 (13 Dec 2006)
725
726 13 Dec 2006; Christian Heim <phreak@gentoo.org>
727 +hardened-sources-2.6.19.ebuild:
728 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
729 Brad for providing that prompt update.
730
731 *hardened-sources-2.6.18-r3 (13 Dec 2006)
732
733 13 Dec 2006; Christian Heim <phreak@gentoo.org>
734 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
735 +hardened-sources-2.6.18-r3.ebuild:
736 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
737 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
738
739 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
740 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
741
742 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
743 Stable on ppc wrt bug 157356
744
745 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
746 hardened-sources-2.6.18.ebuild:
747 stable x86, bug #157356
748
749 *hardened-sources-2.6.18-r2 (06 Dec 2006)
750
751 06 Dec 2006; Christian Heim <phreak@gentoo.org>
752 +hardened-sources-2.6.18-r2.ebuild:
753 Revision bump, including 2.6.18.5 (via genpatches) and
754 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
755 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
756 redesign.
757
758 06 Dec 2006; Christian Heim <phreak@gentoo.org>
759 hardened-sources-2.6.18.ebuild:
760 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
761 of Mike Doty).
762
763 *hardened-sources-2.6.18-r1 (23 Nov 2006)
764
765 23 Nov 2006; Christian Heim <phreak@gentoo.org>
766 +hardened-sources-2.6.18-r1.ebuild:
767 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
768
769 *hardened-sources-2.6.18 (11 Nov 2006)
770
771 11 Nov 2006; Christian Heim <phreak@gentoo.org>
772 +hardened-sources-2.6.18.ebuild:
773 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
774
775 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
776 - mark amd64 stable also. bug #151877
777
778 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
779 - mark 2.6.17-r1 stable
780
781 27 Aug 2006; Christian Heim <phreak@gentoo.org>
782 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
783 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
784
785 *hardened-sources-2.6.17-r1 (26 Aug 2006)
786
787 26 Aug 2006; Christian Heim <phreak@gentoo.org>
788 +hardened-sources-2.6.17-r1.ebuild:
789 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
790 grsecurity patch.
791
792 *hardened-sources-2.6.17 (17 Aug 2006)
793
794 17 Aug 2006; Christian Heim <phreak@gentoo.org>
795 +hardened-sources-2.6.17.ebuild:
796 Bumping the hardened-sources-2.6 series to 2.6.17, using
797 genpatches-2.6.17-6.base.
798
799 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
800 - stable on x86 and amd64
801
802 *hardened-sources-2.6.16-r11 (15 Jul 2006)
803
804 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
805 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
806 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
807 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
808 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
809 crusty ebuilds
810
811 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
812 hardened-sources-2.6.16-r10.ebuild:
813 marking stable on x86 and amd64
814
815 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
816 - 2.4.32-r6 stable on x86. RSBAC state unknown
817
818 *hardened-sources-2.4.32-r7 (10 Jul 2006)
819
820 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
821 +hardened-sources-2.4.32-r7.ebuild:
822 Bump PaX for RSBAC to test-17
823
824 *hardened-sources-2.6.16-r9 (03 Jul 2006)
825
826 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
827 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
828 hardened-sources-2.6.16 bump to latest -base.
829
830 *hardened-sources-2.4.32-r6 (30 Jun 2006)
831
832 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
833 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
834 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
835 sysctl controlable resource logging
836
837 *hardened-sources-2.6.16-r7 (05 Jun 2006)
838
839 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
840 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
841 push new 2.6.16 release in preparation for stable
842
843 22 May 2006; <solar@gentoo.org> :
844 - redigest bug 134002
845
846 *hardened-sources-2.4.32-r5 (16 May 2006)
847
848 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
849 +hardened-sources-2.4.32-r5.ebuild:
850 Fixes rsbac common patching (new patch in new -r5 patchset)
851
852 *hardened-sources-2.4.32-r4 (13 May 2006)
853
854 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
855 +hardened-sources-2.4.32-r4.ebuild:
856 - security bumps
857
858 *hardened-sources-2.6.16-r6 (03 May 2006)
859
860 03 May 2006; John Mylchreest <johnm@gentoo.org>
861 +hardened-sources-2.6.16-r6.ebuild:
862 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
863
864 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
865 hardened-sources-2.6.14-r8.ebuild:
866 fix x86_64 build problem, this will delay the digest issue again for a short
867 while but it will sort itself out
868
869 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
870 hardened-sources-2.6.14-r8.ebuild:
871 bump hardened patchset
872
873 27 Apr 2006; Alec Warner <antarus@gentoo.org>
874 files/digest-hardened-sources-2.4.32-r2,
875 files/digest-hardened-sources-2.4.32-r3,
876 files/digest-hardened-sources-2.6.14-r8, Manifest:
877 Fixing duff SHA256 digests: Bug # 131293
878
879 *hardened-sources-2.6.16-r5 (27 Apr 2006)
880
881 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
882 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
883 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
884 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
885 cleanup of old uneccessary sources
886
887 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
888 fix digest
889
890 *hardened-sources-2.6.14-r8 (20 Apr 2006)
891
892 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
893 +hardened-sources-2.6.14-r8.ebuild:
894 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
895
896 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
897 Turning on gpg-signing again, and recomitting
898
899 *hardened-sources-2.6.16-r4 (20 Apr 2006)
900
901 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
902 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
903 +hardened-sources-2.6.16-r4.ebuild:
904 Fix numerous security vulns
905
906 *hardened-sources-2.4.32-r3 (16 Apr 2006)
907
908 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
909 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
910 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
911 - security bump for bug #112791. Removed old ebuilds
912
913 *hardened-sources-2.6.16-r3 (15 Apr 2006)
914
915 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
916 +hardened-sources-2.6.16-r3.ebuild:
917 Removing silly localversion which I missed
918
919 *hardened-sources-2.6.14-r7 (14 Apr 2006)
920
921 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
922 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
923 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
924
925 *hardened-sources-2.6.16-r2 (13 Apr 2006)
926
927 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
928 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
929 +hardened-sources-2.6.16-r2.ebuild:
930 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
931 labels, dropping USERGROUP define fixes, since these were merged mainstream.
932
933 *hardened-sources-2.6.16-r1 (11 Apr 2006)
934
935 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
936 +hardened-sources-2.6.16-r1.ebuild:
937 Bumping to include ppc build fix and 2.6.16.3
938
939 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
940 hardened-sources-2.6.14-r6.ebuild:
941 Stable on x86; bug #127718
942
943 *hardened-sources-2.6.16 (31 Mar 2006)
944
945 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
946 +hardened-sources-2.6.16.ebuild:
947 Bumping to new version of grsec, and kernel base. New squashfs. Based on
948 2.6.16.1
949
950 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
951 hardened-sources-2.6.14-r6.ebuild:
952 Stable on amd64, bug 127718.
953
954 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
955 Stable on ppc. Bug #127718
956
957 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
958 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
959 -hardened-sources-2.6.14-r4.ebuild:
960 Cleanup.
961
962 *hardened-sources-2.6.14-r6 (15 Mar 2006)
963
964 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
965 +hardened-sources-2.6.14-r6.ebuild:
966 Fixes grsec policy recreation bug and adds a
967 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
968
969 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
970 - stable on x86
971
972 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
973 hardened-sources-2.6.14-r5.ebuild:
974 Stable on ppc.
975
976 *hardened-sources-2.6.14-r5 (01 Feb 2006)
977
978 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
979 +hardened-sources-2.6.14-r5.ebuild:
980 fixing every known exploit
981
982 *hardened-sources-2.4.32-r2 (26 Jan 2006)
983
984 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
985 +hardened-sources-2.4.32-r2.ebuild:
986 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
987
988 *hardened-sources-2.6.14-r4 (12 Jan 2006)
989
990 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
991 - version bump for new genpatches which fix up a few sec holes
992
993 *hardened-sources-2.4.32-r1 (05 Jan 2006)
994
995 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
996 - revision bump to add misc vital linux kernel security patches.
997
998 *hardened-sources-2.6.14-r3 (30 Dec 2005)
999
1000 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1001 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1002 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1003
1004 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1005 hardened-sources-2.6.14-r2.ebuild:
1006 making x86 & amd64 stable following testing.
1007
1008 *hardened-sources-2.6.14-r2 (27 Dec 2005)
1009
1010 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1011 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1012 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1013 network hooks.
1014
1015 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1016 hardened-sources-2.6.14-r1.ebuild:
1017 bumping to stable early for sec fix on x86 & amd64
1018
1019 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1020
1021 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1022 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1023 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1024
1025 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1026 - stable on x86 security bug #114227 CAN-2005-3257
1027
1028 *hardened-sources-2.4.32 (19 Nov 2005)
1029
1030 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1031 +hardened-sources-2.4.32.ebuild:
1032 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1033 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1034 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1035 rsbac >> /etc/portage/package.use)
1036
1037 *hardened-sources-2.6.14 (14 Nov 2005)
1038
1039 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1040 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1041 Bumping 2.6 series to 2.6.14.2
1042
1043 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1044
1045 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1046 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1047 +hardened-sources-2.6.13-r2.ebuild:
1048 Fixes minor build error in ppc.
1049
1050 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1051
1052 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1053 +hardened-sources-2.6.13-r1.ebuild:
1054 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1055 2.6.13.4, fixes some major amd64 stability problems.
1056
1057 *hardened-sources-2.6.13 (16 Sep 2005)
1058
1059 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1060 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1061 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1062 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1063 users should test this thoroughly.
1064
1065 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1066 - stable on x86
1067
1068 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1069
1070 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1071 +hardened-sources-2.6.11-r15.ebuild:
1072 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1073 grsec redefining curr_ip struct.
1074
1075 *hardened-sources-2.4.31 (20 Jun 2005)
1076
1077 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1078 initial import of 2.4.31 tree
1079
1080 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1081
1082 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1083 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1084 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1085 naming scheme to abide by genpatches
1086
1087 *hardened-sources-2.6.11-r13 (18 May 2005)
1088
1089 18 May 2005; John Mylchreest <johnm@gentoo.org>
1090 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1091 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1092 target. sorry about that. Fixes bug #93022
1093
1094 *hardened-sources-2.6.11-r12 (17 May 2005)
1095
1096 17 May 2005; John Mylchreest <johnm@gentoo.org>
1097 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1098 +hardened-sources-2.6.11-r12.ebuild:
1099 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1100 merges in genpatches-base
1101
1102 *hardened-sources-2.6.11-r12 (17 May 2005)
1103
1104 17 May 2005; John Mylchreest <johnm@gentoo.org>
1105 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1106 +hardened-sources-2.6.11-r12.ebuild:
1107 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1108 merges in genpatches-base
1109
1110 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1111 -files/2.4.27-cmdline-race.patch,
1112 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1113 -files/2.4.28-grsec-binfmt_a.out.patch,
1114 -files/2.4.28-grsec-cmdline-race.patch,
1115 -files/2.4.28-selinux-binfmt_a.out.patch,
1116 -files/2.4.28-selinux-cmdline-race.patch,
1117 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1118 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1119 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1120 cleanup..
1121
1122 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1123
1124 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1125 - disable aout by default
1126
1127 *hardened-sources-2.4.30 (18 Apr 2005)
1128
1129 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1130 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1131 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1132 use
1133
1134 *hardened-sources-2.4.29 (30 Mar 2005)
1135
1136 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1137 +hardened-sources-2.4.29.ebuild:
1138 New hardened-patches-2.4-29.0 patchball.
1139 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1140
1141 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1142
1143 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1144 +hardened-sources-2.4.28-r5.ebuild:
1145 Added a fix for a PaX vulnerability.
1146
1147 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1148 hardened-sources-2.4.28-r4.ebuild:
1149 Stable on x86
1150
1151 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1152 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1153 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1154 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1155 - fixed/added RDEPEND= in all kernel-2 ebuilds
1156
1157 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1158
1159 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1160 +hardened-sources-2.4.28-r4.ebuild:
1161 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1162 backport of neighbour hash updates.
1163
1164 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1165 hardened-sources-2.4.28-r3.ebuild:
1166 Stable on x86
1167
1168 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1169
1170 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1171 +hardened-sources-2.6.10-r3.ebuild:
1172 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1173 in 2005.0
1174
1175 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1176 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1177 hardened-sources-2.4.28-r2.ebuild:
1178 Mark stable on x86
1179
1180 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1181
1182 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1183 +hardened-sources-2.4.28-r3.ebuild:
1184 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1185
1186 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1187 hardened-sources-2.4.28.ebuild:
1188 Mark stable on x86.
1189
1190 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1191
1192 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1193 +hardened-sources-2.4.28-r2.ebuild:
1194 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1195 Mazinger for grsecurity patches as well.
1196
1197 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1198
1199 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1200 Security bump. Thank tocharian for rolling a new patchset...
1201
1202 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1203 +files/2.4.28-grsec-cmdline-race.patch,
1204 +files/2.4.28-selinux-binfmt_a.out.patch,
1205 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1206 - Round up remaining security patches that appear to be missing in 2.4.28. -
1207 PaX standalone updated to current. hgpv=28.1
1208
1209 *hardened-sources-2.4.28 (28 Nov 2004)
1210
1211 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1212 security bump. Thank tocharian for rolling a new patchset
1213
1214 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1215
1216 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1217 +hardened-sources-2.4.27-r3.ebuild:
1218 Applies the new 2.4-27.2 patchball which updates
1219 GRSecurity to the 2.0.1 version.
1220
1221 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1222
1223 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1224 +hardened-sources-2.4.27-r2.ebuild:
1225 Version bump.
1226 This version uses the new 2.4-27.1 patchball which updates
1227 both the SELinux PaX hooks patch and the SELinux headers.
1228
1229 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1230
1231 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1232 +hardened-sources-2.4.27-r1.ebuild,
1233 -hardened-sources-2.4.27.ebuild,
1234 +files/2.4.27-cmdline-race.patch:
1235 Version bump, fix for cmdline race. See bug #59905.
1236
1237 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1238
1239 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1240 +hardened-sources-2.4.26-r6.ebuild,
1241 -hardened-sources-2.4.26-r5.ebuild,
1242 -hardened-sources-2.4.26-r4.ebuild,
1243 +files/2.4.26-cmdline-race.patch:
1244 Version bump, fix for cmdline race. See bug #59905.
1245
1246 *hardened-sources-2.4.27 (08 Aug 2004)
1247
1248 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1249 +hardened-sources-2.4.27.ebuild,
1250 +files/2.4.27-CAN-2004-0394.patch:
1251 Ported the patchball to the 2.4.27 kernel version.
1252
1253 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1254
1255 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1256 +hardened-sources-2.4.26-r5.ebuild:
1257 Updated to use the new hardened-patches-2.4-26.1 patchball.
1258 It adds the following features:
1259 - Squashfs
1260 - Ebtables
1261 - Netdev random (core+drivers)
1262 - Watchdog Timer (WDT) fix.
1263
1264 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1265
1266 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1267 +hardened-sources-2.4.26-r4.ebuild,
1268 +files/2.4.26-CAN-2004-0415.patch,
1269 -hardened-sources-2.4.26-3:
1270 Version bump, fix for CAN 0415, see bug #59378.
1271
1272 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1273
1274 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1275 +hardened-sources-2.4.26-r3.ebuild,
1276 +files/2.4.26-CAN-2004-0497.patch,
1277 -hardened-sources-2.4.26-r2.ebuild:
1278 Version bump, fixed CAN 0497, see bug #56171.
1279
1280 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1281
1282 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1283 +hardened-sources-2.4.26-r2.ebuild,
1284 +files/2.4.26-CAN-2004-0495.patch,
1285 +files/2.4.26-CAN-2004-0535.patch,
1286 -hardened-sources-2.4.26-r1.ebuild:
1287 Fixes for both CAN 0495 and 0535, see bug #54976
1288
1289 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1290 hardened-sources-2.4.26-r1.ebuild:
1291 QA - fix use invocation
1292
1293 *hardened-sources-2.4.26-r1 (22 June 2004)
1294
1295 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1296 +hardened-sources-2.4.26-r1.ebuild,
1297 +files/2.4.26-CAN-2004-0394.patch,
1298 +files/2.4.26-signal-race.patch,
1299 -hardened-sources-2.4.26.ebuild,
1300 -hardened-sources-2.4.24-r3.ebuild:
1301 Version bump for the CAN-2004-0394 issue and bug #53804
1302 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1303
1304
1305 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1306 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1307 Masked hardened-sources-2.4.26.ebuild broken for ppc
1308
1309 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1310 hardened-sources-2.4.24-r3.ebuild:
1311 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1312
1313 *hardened-sources-2.4.26 (29 May 2004)
1314
1315 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1316 +hardened-sources-2.4.26.ebuild:
1317 Updated hardened-sources for the 2.4.26 kernel
1318 Removed broken components, updated almost everything.
1319
1320 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1321
1322 17 Apr 2004; <plasmaroo@gentoo.org>
1323 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1324 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1325 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1326 +hardened-sources-2.4.24-r3.ebuild:
1327 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1328 vulnerabilities. Old revisions removed.
1329
1330 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1331
1332 15 Apr 2004; <plasmaroo@gentoo.org>
1333 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1334 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1335 Version bump for the CAN-2004-0109 issue; bug #47881.
1336
1337 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1338 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1339 Add eutils to inherit.
1340
1341 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1342
1343 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1344 files/hardened-sources-2.4.24.munmap.patch:
1345 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1346
1347 *hardened-sources-2.4.24 (06 Feb 2004)
1348
1349 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1350 hardened-sources-2.4.24.ebuild:
1351 Version bump, updated most of the components.
1352 This release includes the following:
1353
1354 - Hardened security
1355 - Netfilter patch-o-matic 20031219
1356 - FreeSWAN 2.04 & x509 1.4.8
1357 - EVMS 2.2.2
1358 - XFS 1.3.1
1359 - cryptoloop jari
1360 - grsecurity 2.0-rc4
1361 - SELinux
1362 - PaX 200402060000
1363 - PaX Obscurity 200308302223
1364 - Others...
1365
1366 Neither -ck nor systrace are included anymore.
1367
1368 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1369
1370 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1371 hardened-sources-2.4.22-r2.ebuild:
1372 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1373
1374 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1375
1376 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1377 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1378
1379 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1380 hardened-sources-2.4.22-r1.ebuild:
1381 Version bump for the 'do_brk' vulnerability.
1382
1383 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1384 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1385 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1386 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1387 Fix the 'do_brk' vulnerability.
1388
1389 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1390 hardened-sources-2.4.22.ebuild:
1391 - Removed the src_install() portion for SELinux flask
1392 components. These are no longer handled in the kernel
1393 so this code was not necessary.
1394
1395 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1396 New 2.4.22 based hardened-sources thanks to
1397 Phil West <p.west@computer.org>.
1398
1399 These sources include:
1400 - New SELinux API
1401 - Updated CK-base
1402 - Updated GRSec
1403 - Systrace
1404 - SuperFreeS/WAN 1.99.8
1405 - Propolice kernel build support
1406 - EVMS
1407 - Other various security related patches
1408
1409 *hardened-sources-2.4.21 (14 Sep 2003)
1410
1411 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1412 Updated hardened-sources based on the 2.4.21 Linux kernel.
1413 This includes updates to most major components such as:
1414 - ck-base-0306300059
1415 - selinux-2.4-2003071106
1416 - grsecurity-2.0-rc1
1417 - Updated IPTables patch-o-matic
1418 - Updated SuperFreeS/WAN
1419
1420 Thanks to Phil West <pwest@computer.org> for his work in getting this
1421 updated patch set ready for the 2.4.21 based kernel.
1422
1423 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1424 Initial import of hardened-sources-2.4.20-r4. This revision
1425 includes only a few changes, but one of these is an important
1426 security fix. It is recommended all users of hardened-sources
1427 upgrade to this release.
1428
1429 - ioperm bug fix
1430 - fixed compilation failure when building without GRSec
1431
1432 SAL (Secure Auditing for Linux) is NOT included in this revision
1433 due to time constraints, but is planned for inclusion in the near
1434 future.
1435
1436 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1437
1438 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1439 hardened-sources-2.4.20-r3.ebuild:
1440 Add Header...
1441
1442 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1443 hardened-sources-2.4.20-r3.ebuild:
1444 Removed warnings from ebuild. This kernel should be safe to
1445 use at this point.
1446
1447 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1448
1449 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1450 hardened-sources-2.4.20-r3.ebuild:
1451 New revision. Includes the following changes over -r2:
1452
1453 - ck7-base (O(1), preempt, low latency)
1454 - Super FreeS/WAN 1.99.7rc2
1455 - PaX for the LSM/SELinux branch
1456 - GRSecurity 2.0-pre4 (role based access control)
1457 - Systrace 1.3
1458 - EXT3 fixes
1459 - EVMS 2.0.1
1460 - GCC 3.1+ compile optimizations
1461 - ProPolice kernel build support
1462 - Hashing table security fixes
1463
1464 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1465
1466 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1467 Initial import of hardened-sources-r2. This new
1468 ebuild includes many new performance and security
1469 related patches. As in -r1, it will patch in
1470 LSM/SELinux if "selinux" is in USE, otherwise it
1471 will patch in GRSecurity. The following patches
1472 are included in this revision:
1473
1474 - O(1) Scheduler, Low Latency, and Preempt
1475 (pulled from the base CK patch)
1476 - ptrace exploit patch for the LSM kernel
1477 (the GRSec patch already fixes this)
1478 - LSM 2.4-2003040709
1479 - SELinux 2.4-2003040709
1480 - Systrace v1.2
1481 - IPTables patch-o-matic base patches - 20030107
1482 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1483 - Super FreeS/WAN 1.99.6.1
1484 - GRSecurity 1.9.9g
1485 - MPPE
1486 - EXT3 data journal fix
1487 - CIPE 1.5.4
1488
1489 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1490 hardened-sources-2.4.20-r1.ebuild, manifest:
1491 Updated to install flask components correctly for selinux.
1492
1493 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1494 hardened-sources-2.4.20-r1.ebuild:
1495 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1496 is patched in instead. Ptrace patches for selinux have also been added. In
1497 either case, systrace support will be patched in as well.
1498
1499 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1500 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1501 Revision bump for new sources.
1502
1503 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1504 hardened-sources-2.4.20-r1.ebuild:
1505 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1506
1507 *hardened-sources-2.4.20 (30 Mar 2003)
1508
1509 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1510 hardened-sources-2.4.20.ebuild:
1511 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20