/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.248 - (show annotations) (download)
Sun Oct 26 04:49:44 2008 UTC (5 years, 8 months ago) by gengor
Branch: MAIN
Changes since 1.247: +7 -1 lines
Add hardened-sources-2.6.25-r9
(Portage version: 2.1.4.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.247 2008/10/15 18:06:25 nixnut Exp $
4
5 *hardened-sources-2.6.25-r9 (26 Oct 2008)
6
7 26 Oct 2008; Gordon Malm <gengor@gentoo.org>
8 +hardened-sources-2.6.25-r9.ebuild:
9 Update to Linux 2.6.25.19
10
11 15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
12 Stable on ppc
13
14 *hardened-sources-2.6.26-r4 (14 Oct 2008)
15
16 14 Oct 2008; Gordon Malm <gengor@gentoo.org>
17 -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
18 Update to latest grsecurity patch, fixing building of non-modular kernels.
19
20 *hardened-sources-2.6.26-r3 (12 Oct 2008)
21
22 12 Oct 2008; Gordon Malm <gengor@gentoo.org>
23 hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
24 +hardened-sources-2.6.26-r3.ebuild:
25 2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
26 2.6.26-r1: Removed.
27 2.6.25-r8: Stable amd64/x86.
28
29 *hardened-sources-2.6.25-r8 (09 Oct 2008)
30
31 09 Oct 2008; Gordon Malm <gengor@gentoo.org>
32 -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
33 -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
34 Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
35
36 20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
37 Stable on ppc
38
39 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
40 hardened-sources-2.6.25-r7.ebuild:
41 Stable amd64/x86.
42
43 *hardened-sources-2.6.26-r2 (13 Sep 2008)
44
45 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
46 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
47 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
48 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
49
50 *hardened-sources-2.6.25-r7 (13 Sep 2008)
51
52 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
53 +hardened-sources-2.6.25-r7.ebuild:
54 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
55
56 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
57 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
58 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
59 hardened-sources-2.6.26-r1.ebuild:
60 Update DESCRIPTION and HGPV_URI.
61
62 *hardened-sources-2.6.25-r6 (09 Sep 2008)
63
64 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
65 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
66 2.6.25-r6: Update to Linux 2.6.25.17.
67 2.6.24-r3: Removed.
68
69 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
70 hardened-sources-2.6.25-r5.ebuild:
71 Stable on amd64/x86
72
73 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
74 Update my email address.
75
76 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
77 stable on ppc
78
79 *hardened-sources-2.6.26-r1 (23 Aug 2008)
80 *hardened-sources-2.6.25-r5 (23 Aug 2008)
81
82 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
83 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
84 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
85 +hardened-sources-2.6.26-r1.ebuild:
86 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
87 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
88 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
89 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
90 (gengor).
91
92 *hardened-sources-2.6.26 (18 Aug 2008)
93 *hardened-sources-2.6.25-r4 (18 Aug 2008)
94
95 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
96 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
97 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
98 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
99 2.6.25-r2: Removed.
100
101 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
102 Remove phreak from metadata.xml (#96398)
103
104 *hardened-sources-2.6.25-r3 (31 Jul 2008)
105
106 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
107 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
108 +hardened-sources-2.6.25-r3.ebuild:
109 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
110 fixes, including security bug #231750.
111
112 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
113 Stable on ppc
114
115 *hardened-sources-2.6.25-r2 (05 Jul 2008)
116
117 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
118 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
119 +hardened-sources-2.6.25-r2.ebuild:
120 2.6.23-r4: Stable x86/amd64
121 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
122 2.6.23-r{11,12}: Removed due to multiple vulns.
123 (gengor & kerframil)
124
125 04 Jul 2008; nixnut <nixnut@gentoo.org>
126 hardened-sources-2.6.23-r13.ebuild:
127 Stable on ppc
128
129 *hardened-sources-2.6.25-r1 (30 Jun 2008)
130
131 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
132 +hardened-sources-2.6.25-r1.ebuild:
133 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
134 grsecurity release. 2.6.23-r13: x86/amd64 stable
135
136 *hardened-sources-2.6.25 (17 Jun 2008)
137 *hardened-sources-2.6.24-r3 (17 Jun 2008)
138 *hardened-sources-2.6.23-r13 (17 Jun 2008)
139
140 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
141 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
142 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
143 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
144 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
145 2.6.25: Initial 2.6.25 release.
146
147 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
148 - fasttrack to stable x86/amd64
149
150 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
151 Fix broken digest for linux-2.6.24.tar.bz2.
152
153 *hardened-sources-2.6.24-r2 (11 May 2008)
154 *hardened-sources-2.6.23-r12 (11 May 2008)
155
156 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
157 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
158 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
159 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
160 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
161 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
162 security bugs 219901, 220691, 220975, 220979, 221123. New
163 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
164 should be removed as far as I'm concerned, everything else remove due to
165 vulnerable to numerous security bugs or brokeness.
166
167 10 May 2008; nixnut <nixnut@gentoo.org>
168 hardened-sources-2.6.23-r11.ebuild:
169 Stable on ppc
170
171 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
172 - -r11 stable on x86/amd64
173
174 *hardened-sources-2.6.23-r11 (01 May 2008)
175
176 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
177 - version bump to fix ulgy linux bugs
178
179 *hardened-sources-2.6.24-r1 (30 Apr 2008)
180
181 30 Apr 2008; Christian Heim <phreak@gentoo.org>
182 +hardened-sources-2.6.24-r1.ebuild:
183 Revision bump (thanks to Kerin and Gordon, again), pulling
184 genpatches-2.6.24-7, solving #219089. Additionally contains further security
185 fixes plus some minor updates.
186
187 *hardened-sources-2.6.23-r10 (30 Apr 2008)
188
189 30 Apr 2008; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.23-r10.ebuild:
191 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
192 Additional contains "various other fixes".
193
194 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
195 Update the longdescription in metadata, thanks to Gordon Malm.
196
197 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
198 Stable on ppc wrt bug #213255
199
200 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
201 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
202 - stable on x86/amd64 per request. Removed obsolete ebuilds
203
204 *hardened-sources-2.6.24 (07 Apr 2008)
205
206 07 Apr 2008; Christian Heim <phreak@gentoo.org>
207 +hardened-sources-2.6.24.ebuild:
208 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
209 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
210 for the many contributions and their continued effort in #216612) based on
211 2.6.24 and genpatches-2.6.24-5.
212
213 The current ebuild/patchset contains these things:
214 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
215 * Introduces bespoke server and workstation oriented security levels
216 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
217
218 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
219 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
220 maintaining it).
221
222 24 Mar 2008; Christian Heim <phreak@gentoo.org>
223 hardened-sources-2.4.35-r2.ebuild:
224 Fixing SRC_URI for 2.4.35-r2.
225
226 *hardened-sources-2.6.23-r9 (22 Mar 2008)
227
228 22 Mar 2008; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.23-r9.ebuild:
230 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
231 * Change the default GIDs for some grsecurity options
232 * Revamp the Hardened [Gentoo] security level and make it the default level
233 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
234 * Fix a recursive lock -- call to capable() within ptrace_attach()
235 * Fix bug that allows audit and iscsi operations to be controlled via netlink
236
237 *hardened-sources-2.6.23-r8 (27 Feb 2008)
238
239 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
240 - version bump from Kerin Millar bug 210026
241
242 17 Feb 2008; <solar@gentoo.org> metadata.xml,
243 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
244 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
245 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
246 - stable on x86 and remove old ebuilds
247
248 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
249 - stable on amd64 per request of amd64 lead
250
251 *hardened-sources-2.6.23-r7 (11 Feb 2008)
252
253 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
254 - version bump from kerin.millar
255 Changes:
256
257 * Bump to genpatches-base-2.6.23-9
258 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
259 * Disables COMPAT_VDSO in x86/defconfig
260 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
261
262 25 Jan 2008; Christian Heim <phreak@gentoo.org>
263 -hardened-sources-2.6.22-r8.ebuild:
264 Cleaning up old versions.
265
266 *hardened-sources-2.6.23-r6 (25 Jan 2008)
267
268 25 Jan 2008; Christian Heim <phreak@gentoo.org>
269 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
270 Revision bump, pulling in the latest genpatches.
271
272 *hardened-sources-2.6.23-r5 (24 Dec 2007)
273
274 24 Dec 2007; Christian Heim <phreak@gentoo.org>
275 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
276 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
277 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
278 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
279
280 24 Dec 2007; Christian Heim <phreak@gentoo.org>
281 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
282 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
283 -hardened-sources-2.6.23-r3.ebuild:
284 Cleaning out some unused, old versions.
285
286 24 Dec 2007; Christian Heim <phreak@gentoo.org>
287 hardened-sources-2.6.23-r4.ebuild:
288 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
289 in the tree for long, but there isn't much of a difference between this and
290 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
291
292 *hardened-sources-2.6.23-r4 (23 Dec 2007)
293
294 23 Dec 2007; Christian Heim <phreak@gentoo.org>
295 +hardened-sources-2.6.23-r4.ebuild:
296 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
297
298 *hardened-sources-2.6.23-r3 (04 Dec 2007)
299
300 04 Dec 2007; Christian Heim <phreak@gentoo.org>
301 +hardened-sources-2.6.23-r3.ebuild:
302 Revision bump, pulling in 2.6.23.9.
303
304 *hardened-sources-2.6.23-r2 (25 Nov 2007)
305
306 25 Nov 2007; Christian Heim <phreak@gentoo.org>
307 +hardened-sources-2.6.23-r2.ebuild:
308 Updated patchset, thanks to solar.
309
310 *hardened-sources-2.6.23-r1 (31 Oct 2007)
311
312 31 Oct 2007; Christian Heim <phreak@gentoo.org>
313 +hardened-sources-2.6.23-r1.ebuild:
314 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
315
316 29 Oct 2007; <solar@gentoo.org> metadata.xml:
317 - update metadata.xml
318
319 25 Oct 2007; Christian Heim <phreak@gentoo.org>
320 hardened-sources-2.6.22-r8.ebuild:
321 Marking 2.6.22-r8 stable on amd64 and x86.
322
323 21 Oct 2007; Christian Heim <phreak@gentoo.org>
324 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
325 -hardened-sources-2.6.21-r4.ebuild:
326 Removing old ebuilds.
327
328 *hardened-sources-2.4.35-r2 (21 Oct 2007)
329
330 21 Oct 2007; Christian Heim <phreak@gentoo.org>
331 +hardened-sources-2.4.35-r2.ebuild:
332 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
333 patches.
334
335 *hardened-sources-2.6.22-r8 (21 Oct 2007)
336
337 21 Oct 2007; Christian Heim <phreak@gentoo.org>
338 +hardened-sources-2.6.22-r8.ebuild:
339 Yet another new patch, hopefully fixing the remaining issues we had w/
340 2.6.22. Candidate for stabling.
341
342 *hardened-sources-2.6.23 (13 Oct 2007)
343
344 13 Oct 2007; Christian Heim <phreak@gentoo.org>
345 +hardened-sources-2.6.23.ebuild:
346 Initial hardened-sources-2.6.23. If people still have problems w/ bug
347 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
348
349 11 Oct 2007; Christian Heim <phreak@gentoo.org>
350 hardened-sources-2.6.20-r10.ebuild:
351 Pulling in yet another new genpatches version, fixing the PWC bug for real.
352
353 04 Oct 2007; Christian Heim <phreak@gentoo.org>
354 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
355 Removing old versions.
356
357 *hardened-sources-2.6.22-r7 (01 Oct 2007)
358
359 01 Oct 2007; Christian Heim <phreak@gentoo.org>
360 +hardened-sources-2.6.22-r7.ebuild:
361 Revision bump, pulling in a newer patch. Should fix #194276.
362
363 30 Sep 2007; Christian Heim <phreak@gentoo.org>
364 hardened-sources-2.6.20-r10.ebuild:
365 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
366 Mike Doty).
367
368 *hardened-sources-2.6.22-r6 (26 Sep 2007)
369
370 26 Sep 2007; Christian Heim <phreak@gentoo.org>
371 +hardened-sources-2.6.22-r6.ebuild:
372 Revision bump, grabbing up till Linux 2.6.22.9.
373
374 24 Sep 2007; Christian Heim <phreak@gentoo.org>
375 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
376 Cleaning up further.
377
378 *hardened-sources-2.6.20-r10 (24 Sep 2007)
379
380 24 Sep 2007; Christian Heim <phreak@gentoo.org>
381 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
382 +hardened-sources-2.6.20-r10.ebuild:
383 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
384 revisions.
385
386 *hardened-sources-2.6.22-r5 (22 Sep 2007)
387
388 22 Sep 2007; Christian Heim <phreak@gentoo.org>
389 +hardened-sources-2.6.22-r5.ebuild:
390 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
391
392 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
393 Removing johnm from metadata.xml (see #186467 for reference).
394
395 *hardened-sources-2.6.22-r4 (17 Sep 2007)
396
397 17 Sep 2007; Christian Heim <phreak@gentoo.org>
398 +hardened-sources-2.6.22-r4.ebuild:
399 Revision bump, hopefully fixing all those weird PAX failures.
400
401 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
402 Updating the metadata.xml.
403
404 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
405 Removing tocharian from metadata due to his retirement (see #71718 for
406 reference).
407
408 *hardened-sources-2.6.20-r9 (30 Aug 2007)
409
410 30 Aug 2007; Christian Heim <phreak@gentoo.org>
411 +hardened-sources-2.6.20-r9.ebuild:
412 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
413
414 29 Aug 2007; Christian Heim <phreak@gentoo.org>
415 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
416 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
417 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
418 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
419 -hardened-sources-2.6.22-r2.ebuild:
420 Removing some redundant versions.
421
422 *hardened-sources-2.4.35-r1 (29 Aug 2007)
423
424 29 Aug 2007; Christian Heim <phreak@gentoo.org>
425 +hardened-sources-2.4.35-r1.ebuild:
426 Revision bump, new grsecurity patch.
427
428 *hardened-sources-2.6.20-r8 (26 Aug 2007)
429
430 26 Aug 2007; Christian Heim <phreak@gentoo.org>
431 +hardened-sources-2.6.20-r8.ebuild:
432 Revision bump for Linux 2.6.20.17.
433
434 *hardened-sources-2.6.22-r3 (22 Aug 2007)
435
436 22 Aug 2007; Christian Heim <phreak@gentoo.org>
437 +hardened-sources-2.6.22-r3.ebuild:
438 Revision bump for Linux 2.6.22.4.
439
440 16 Aug 2007; Christian Heim <phreak@gentoo.org>
441 hardened-sources-2.6.22-r2.ebuild:
442 Updated patchset, to fix the alignment against 2.6.22.3.
443
444 *hardened-sources-2.6.22-r2 (16 Aug 2007)
445
446 16 Aug 2007; Christian Heim <phreak@gentoo.org>
447 +hardened-sources-2.6.22-r2.ebuild:
448 Revision bump for Linux 2.6.22.3.
449
450 *hardened-sources-2.4.35 (16 Aug 2007)
451
452 16 Aug 2007; Christian Heim <phreak@gentoo.org>
453 +hardened-sources-2.4.35.ebuild:
454 Version bump, initial version for Linux 2.4.35.
455
456 *hardened-sources-2.6.21-r4 (16 Aug 2007)
457
458 16 Aug 2007; Christian Heim <phreak@gentoo.org>
459 +hardened-sources-2.6.21-r4.ebuild:
460 Revision bump for Linux 2.6.21.6.
461
462 *hardened-sources-2.6.20-r7 (16 Aug 2007)
463
464 16 Aug 2007; Christian Heim <phreak@gentoo.org>
465 +hardened-sources-2.6.20-r7.ebuild:
466 Revision bump for Linux 2.6.20.16.
467
468 *hardened-sources-2.6.22-r1 (13 Aug 2007)
469
470 13 Aug 2007; Christian Heim <phreak@gentoo.org>
471 +hardened-sources-2.6.22-r1.ebuild:
472 Yet another revision bump.
473
474 *hardened-sources-2.6.22 (10 Aug 2007)
475
476 10 Aug 2007; Christian Heim <phreak@gentoo.org>
477 +hardened-sources-2.6.22.ebuild:
478 Initial release for 2.6.22. If you are using hardened-sources on a desktop
479 machine (P4 or newer), be aware you might need to disable
480 CONFIG_PAX_PAGEEXEC.
481
482 04 Aug 2007; Christian Heim <phreak@gentoo.org>
483 hardened-sources-2.6.20-r6.ebuild:
484 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
485 2.6.20.15.
486
487 10 Jul 2007; Christian Heim <phreak@gentoo.org>
488 hardened-sources-2.6.20-r5.ebuild:
489 Marking hardened-sources-2.6.20-r5 stable on ppc.
490
491 10 Jul 2007; Christian Heim <phreak@gentoo.org>
492 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
493 Cleanup.
494
495 *hardened-sources-2.6.20-r6 (08 Jul 2007)
496
497 08 Jul 2007; Christian Heim <phreak@gentoo.org>
498 +hardened-sources-2.6.20-r6.ebuild:
499 Revision bump, grabbing yet another stable release.
500
501 17 Jun 2007; Christian Heim <phreak@gentoo.org>
502 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
503 -hardened-sources-2.6.21-r2.ebuild:
504 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
505 alpha stable KEYWORD by mistake.
506
507 17 Jun 2007; Christian Heim <phreak@gentoo.org>
508 hardened-sources-2.6.20-r5.ebuild:
509 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
510 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
511
512 *hardened-sources-2.6.21-r3 (12 Jun 2007)
513
514 12 Jun 2007; Christian Heim <phreak@gentoo.org>
515 +hardened-sources-2.6.21-r3.ebuild:
516 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
517 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
518 love.
519
520 *hardened-sources-2.6.20-r5 (11 Jun 2007)
521
522 11 Jun 2007; Christian Heim <phreak@gentoo.org>
523 +hardened-sources-2.6.20-r5.ebuild:
524 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
525 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
526 love.
527
528 *hardened-sources-2.4.34.5 (11 Jun 2007)
529
530 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
531 +hardened-sources-2.4.34.5.ebuild:
532 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
533
534 30 May 2007; Christian Heim <phreak@gentoo.org>
535 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
536 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
537 stale ebuild(s).
538
539 30 May 2007; Christian Heim <phreak@gentoo.org>
540 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
541 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
542 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
543 Doing some cleanups, remove stale ebuilds.
544
545 26 May 2007; Christian Heim <phreak@gentoo.org>
546 hardened-sources-2.6.21-r2.ebuild:
547 Fixing the grsecurity patch, had one '};' too much.
548
549 *hardened-sources-2.6.21-r2 (26 May 2007)
550
551 26 May 2007; Christian Heim <phreak@gentoo.org>
552 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
553 +hardened-sources-2.6.21-r2.ebuild:
554 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
555 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
556
557 *hardened-sources-2.6.20-r4 (26 May 2007)
558
559 26 May 2007; Christian Heim <phreak@gentoo.org>
560 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
561 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
562 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
563
564 15 May 2007; Christian Heim <phreak@gentoo.org>
565 hardened-sources-2.6.20-r3.ebuild:
566 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
567 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
568 grsecurity patch fail in that exact same hunk.
569
570 *hardened-sources-2.6.20-r3 (15 May 2007)
571
572 15 May 2007; Christian Heim <phreak@gentoo.org>
573 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
574 Revision bump, incorporating Linux 2.6.20.11.
575
576 *hardened-sources-2.6.21-r1 (11 May 2007)
577
578 11 May 2007; Christian Heim <phreak@gentoo.org>
579 +hardened-sources-2.6.21-r1.ebuild:
580 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
581 mentioned in #177234.
582
583 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
584 files/digest-hardened-sources-2.6.21, Manifest:
585 Fix Manifest/digest for linux-2.6.21.tar.bz2
586
587 06 May 2007; Christian Heim <phreak@gentoo.org>
588 hardened-sources-2.6.21.ebuild:
589 Bumping the hardened-patches version, needed for the fix for #177234.
590
591 *hardened-sources-2.6.21 (02 May 2007)
592
593 02 May 2007; Christian Heim <phreak@gentoo.org>
594 +hardened-sources-2.6.21.ebuild:
595 Version bump, Linux 2.6.21-hardened.
596
597 29 Apr 2007; Christian Heim <phreak@gentoo.org>
598 hardened-sources-2.6.20-r2.ebuild:
599 Adding ~ia64 on Ned's request.
600
601 29 Apr 2007; Christian Heim <phreak@gentoo.org>
602 hardened-sources-2.6.20-r2.ebuild:
603 Fixing the included grsecurity patch, wasn't alligning due to the Index:
604 header line(s).
605
606 29 Apr 2007; Christian Heim <phreak@gentoo.org>
607 hardened-sources-2.6.20-r2.ebuild:
608 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
609
610 *hardened-sources-2.6.20-r2 (10 Apr 2007)
611
612 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
613 +hardened-sources-2.6.20-r2.ebuild:
614 Version bump, on behalf of phreak
615
616 *hardened-sources-2.6.20-r1 (04 Apr 2007)
617
618 04 Apr 2007; Christian Heim <phreak@gentoo.org>
619 +hardened-sources-2.6.20-r1.ebuild:
620 Revision bump, grabbing a newer grsecurity snapshot.
621
622 *hardened-sources-2.6.20 (25 Mar 2007)
623
624 25 Mar 2007; Christian Heim <phreak@gentoo.org>
625 +hardened-sources-2.6.20.ebuild:
626 Finally a hardened-sources version for 2.6.20; many people have been waiting
627 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
628 testbox.
629
630 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
631 hardened-sources-2.6.18-r6.ebuild:
632 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
633
634 *hardened-sources-2.6.18-r6 (16 Mar 2007)
635
636 16 Mar 2007; Christian Heim <phreak@gentoo.org>
637 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
638 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
639 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
640 supposed to be.
641
642 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
643 Fixing the Manifest, the previous one was broken (as in still had the
644 deleted ebuild in it).
645
646 06 Mar 2007; Christian Heim <phreak@gentoo.org>
647 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
648 +hardened-sources-2.6.18-r5.ebuild:
649 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
650 Linux 2.6.18.8. Also cleaning up the older version.
651
652 *hardened-sources-2.6.18-r5 (06 Mar 2007)
653
654 06 Mar 2007; Christian Heim <phreak@gentoo.org>
655 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
656 +hardened-sources-2.6.18-r5.ebuild:
657 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
658 Linux 2.6.18.8. Also cleaning up the older version.
659
660 24 Feb 2007; Christian Heim <phreak@gentoo.org>
661 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
662 -hardened-sources-2.6.19-r5.ebuild:
663 Removing some of the old version, that didn't work.
664
665 *hardened-sources-2.6.19-r6 (12 Feb 2007)
666
667 12 Feb 2007; Christian Heim <phreak@gentoo.org>
668 +hardened-sources-2.6.19-r6.ebuild:
669 Revision bump, including a new grsec version fixing #166235.
670
671 *hardened-sources-2.4.34 (24 Jan 2007)
672
673 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
674 Manifest:
675 updating Manifest with checksums of new tarball and ebuild
676
677 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
678 +hardened-sources-2.4.34.ebuild:
679 I added new hardened sources 2.4 update, this is a critical path
680 security bugfix - all users of h-s are strongly advised
681 to update their existing hardened sources to this version.
682 It contains a fix for a kernel vulnerability that is pertaining
683 to the PaX changes to virtual memory management, possibly leading
684 to a local kernel exploit ... see grsecurity.net forums and homepage
685
686 23 Jan 2007; Christian Heim <phreak@gentoo.org>
687 files/digest-hardened-sources-2.6.19-r5, Manifest:
688 Fixing the patch-tarball digest.
689
690 *hardened-sources-2.6.19-r5 (23 Jan 2007)
691
692 23 Jan 2007; Christian Heim <phreak@gentoo.org>
693 +hardened-sources-2.6.19-r5.ebuild:
694 Revision bump, closing the recently discovered PaX expand_stack()
695 vulnerability.
696
697 *hardened-sources-2.6.19-r4 (14 Jan 2007)
698
699 14 Jan 2007; Christian Heim <phreak@gentoo.org>
700 +hardened-sources-2.6.19-r4.ebuild:
701 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
702 dropping the randomized PID feature.
703
704 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
705 hardened-sources-2.4.33.4.ebuild:
706 stable x86, bug #161171
707
708 *hardened-sources-2.6.19-r3 (27 Dec 2006)
709
710 27 Dec 2006; Christian Heim <phreak@gentoo.org>
711 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
712 Revision bump for bug #157186 and #158786.
713
714 *hardened-sources-2.6.18-r4 (27 Dec 2006)
715
716 27 Dec 2006; Christian Heim <phreak@gentoo.org>
717 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
718 Revision bump for bug #157186.
719
720 *hardened-sources-2.6.19-r2 (23 Dec 2006)
721
722 23 Dec 2006; Christian Heim <phreak@gentoo.org>
723 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
724 Revision bump to pull in genpatches-2.6.19-3 for #157186.
725
726 17 Dec 2006; Christian Heim <phreak@gentoo.org>
727 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
728 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
729 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
730 hardened-sources-2.6.19-r1.ebuild:
731 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
732 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
733
734 *hardened-sources-2.4.33.4 (17 Dec 2006)
735
736 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
737 +hardened-sources-2.4.33.4.ebuild:
738 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
739 and quilting
740
741 *hardened-sources-2.6.19-r1 (14 Dec 2006)
742
743 14 Dec 2006; Christian Heim <phreak@gentoo.org>
744 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
745 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
746 for reporting).
747
748 *hardened-sources-2.6.19 (13 Dec 2006)
749
750 13 Dec 2006; Christian Heim <phreak@gentoo.org>
751 +hardened-sources-2.6.19.ebuild:
752 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
753 Brad for providing that prompt update.
754
755 *hardened-sources-2.6.18-r3 (13 Dec 2006)
756
757 13 Dec 2006; Christian Heim <phreak@gentoo.org>
758 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
759 +hardened-sources-2.6.18-r3.ebuild:
760 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
761 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
762
763 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
764 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
765
766 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
767 Stable on ppc wrt bug 157356
768
769 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
770 hardened-sources-2.6.18.ebuild:
771 stable x86, bug #157356
772
773 *hardened-sources-2.6.18-r2 (06 Dec 2006)
774
775 06 Dec 2006; Christian Heim <phreak@gentoo.org>
776 +hardened-sources-2.6.18-r2.ebuild:
777 Revision bump, including 2.6.18.5 (via genpatches) and
778 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
779 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
780 redesign.
781
782 06 Dec 2006; Christian Heim <phreak@gentoo.org>
783 hardened-sources-2.6.18.ebuild:
784 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
785 of Mike Doty).
786
787 *hardened-sources-2.6.18-r1 (23 Nov 2006)
788
789 23 Nov 2006; Christian Heim <phreak@gentoo.org>
790 +hardened-sources-2.6.18-r1.ebuild:
791 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
792
793 *hardened-sources-2.6.18 (11 Nov 2006)
794
795 11 Nov 2006; Christian Heim <phreak@gentoo.org>
796 +hardened-sources-2.6.18.ebuild:
797 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
798
799 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
800 - mark amd64 stable also. bug #151877
801
802 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
803 - mark 2.6.17-r1 stable
804
805 27 Aug 2006; Christian Heim <phreak@gentoo.org>
806 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
807 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
808
809 *hardened-sources-2.6.17-r1 (26 Aug 2006)
810
811 26 Aug 2006; Christian Heim <phreak@gentoo.org>
812 +hardened-sources-2.6.17-r1.ebuild:
813 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
814 grsecurity patch.
815
816 *hardened-sources-2.6.17 (17 Aug 2006)
817
818 17 Aug 2006; Christian Heim <phreak@gentoo.org>
819 +hardened-sources-2.6.17.ebuild:
820 Bumping the hardened-sources-2.6 series to 2.6.17, using
821 genpatches-2.6.17-6.base.
822
823 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
824 - stable on x86 and amd64
825
826 *hardened-sources-2.6.16-r11 (15 Jul 2006)
827
828 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
829 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
830 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
831 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
832 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
833 crusty ebuilds
834
835 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
836 hardened-sources-2.6.16-r10.ebuild:
837 marking stable on x86 and amd64
838
839 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
840 - 2.4.32-r6 stable on x86. RSBAC state unknown
841
842 *hardened-sources-2.4.32-r7 (10 Jul 2006)
843
844 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
845 +hardened-sources-2.4.32-r7.ebuild:
846 Bump PaX for RSBAC to test-17
847
848 *hardened-sources-2.6.16-r9 (03 Jul 2006)
849
850 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
851 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
852 hardened-sources-2.6.16 bump to latest -base.
853
854 *hardened-sources-2.4.32-r6 (30 Jun 2006)
855
856 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
857 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
858 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
859 sysctl controlable resource logging
860
861 *hardened-sources-2.6.16-r7 (05 Jun 2006)
862
863 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
864 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
865 push new 2.6.16 release in preparation for stable
866
867 22 May 2006; <solar@gentoo.org> :
868 - redigest bug 134002
869
870 *hardened-sources-2.4.32-r5 (16 May 2006)
871
872 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
873 +hardened-sources-2.4.32-r5.ebuild:
874 Fixes rsbac common patching (new patch in new -r5 patchset)
875
876 *hardened-sources-2.4.32-r4 (13 May 2006)
877
878 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
879 +hardened-sources-2.4.32-r4.ebuild:
880 - security bumps
881
882 *hardened-sources-2.6.16-r6 (03 May 2006)
883
884 03 May 2006; John Mylchreest <johnm@gentoo.org>
885 +hardened-sources-2.6.16-r6.ebuild:
886 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
887
888 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
889 hardened-sources-2.6.14-r8.ebuild:
890 fix x86_64 build problem, this will delay the digest issue again for a short
891 while but it will sort itself out
892
893 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
894 hardened-sources-2.6.14-r8.ebuild:
895 bump hardened patchset
896
897 27 Apr 2006; Alec Warner <antarus@gentoo.org>
898 files/digest-hardened-sources-2.4.32-r2,
899 files/digest-hardened-sources-2.4.32-r3,
900 files/digest-hardened-sources-2.6.14-r8, Manifest:
901 Fixing duff SHA256 digests: Bug # 131293
902
903 *hardened-sources-2.6.16-r5 (27 Apr 2006)
904
905 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
906 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
907 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
908 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
909 cleanup of old uneccessary sources
910
911 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
912 fix digest
913
914 *hardened-sources-2.6.14-r8 (20 Apr 2006)
915
916 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
917 +hardened-sources-2.6.14-r8.ebuild:
918 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
919
920 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
921 Turning on gpg-signing again, and recomitting
922
923 *hardened-sources-2.6.16-r4 (20 Apr 2006)
924
925 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
926 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
927 +hardened-sources-2.6.16-r4.ebuild:
928 Fix numerous security vulns
929
930 *hardened-sources-2.4.32-r3 (16 Apr 2006)
931
932 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
933 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
934 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
935 - security bump for bug #112791. Removed old ebuilds
936
937 *hardened-sources-2.6.16-r3 (15 Apr 2006)
938
939 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
940 +hardened-sources-2.6.16-r3.ebuild:
941 Removing silly localversion which I missed
942
943 *hardened-sources-2.6.14-r7 (14 Apr 2006)
944
945 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
946 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
947 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
948
949 *hardened-sources-2.6.16-r2 (13 Apr 2006)
950
951 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
952 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
953 +hardened-sources-2.6.16-r2.ebuild:
954 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
955 labels, dropping USERGROUP define fixes, since these were merged mainstream.
956
957 *hardened-sources-2.6.16-r1 (11 Apr 2006)
958
959 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
960 +hardened-sources-2.6.16-r1.ebuild:
961 Bumping to include ppc build fix and 2.6.16.3
962
963 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
964 hardened-sources-2.6.14-r6.ebuild:
965 Stable on x86; bug #127718
966
967 *hardened-sources-2.6.16 (31 Mar 2006)
968
969 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
970 +hardened-sources-2.6.16.ebuild:
971 Bumping to new version of grsec, and kernel base. New squashfs. Based on
972 2.6.16.1
973
974 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
975 hardened-sources-2.6.14-r6.ebuild:
976 Stable on amd64, bug 127718.
977
978 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
979 Stable on ppc. Bug #127718
980
981 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
982 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
983 -hardened-sources-2.6.14-r4.ebuild:
984 Cleanup.
985
986 *hardened-sources-2.6.14-r6 (15 Mar 2006)
987
988 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
989 +hardened-sources-2.6.14-r6.ebuild:
990 Fixes grsec policy recreation bug and adds a
991 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
992
993 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
994 - stable on x86
995
996 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
997 hardened-sources-2.6.14-r5.ebuild:
998 Stable on ppc.
999
1000 *hardened-sources-2.6.14-r5 (01 Feb 2006)
1001
1002 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1003 +hardened-sources-2.6.14-r5.ebuild:
1004 fixing every known exploit
1005
1006 *hardened-sources-2.4.32-r2 (26 Jan 2006)
1007
1008 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1009 +hardened-sources-2.4.32-r2.ebuild:
1010 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1011
1012 *hardened-sources-2.6.14-r4 (12 Jan 2006)
1013
1014 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1015 - version bump for new genpatches which fix up a few sec holes
1016
1017 *hardened-sources-2.4.32-r1 (05 Jan 2006)
1018
1019 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1020 - revision bump to add misc vital linux kernel security patches.
1021
1022 *hardened-sources-2.6.14-r3 (30 Dec 2005)
1023
1024 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1025 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1026 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1027
1028 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1029 hardened-sources-2.6.14-r2.ebuild:
1030 making x86 & amd64 stable following testing.
1031
1032 *hardened-sources-2.6.14-r2 (27 Dec 2005)
1033
1034 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1035 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1036 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1037 network hooks.
1038
1039 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1040 hardened-sources-2.6.14-r1.ebuild:
1041 bumping to stable early for sec fix on x86 & amd64
1042
1043 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1044
1045 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1046 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1047 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1048
1049 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1050 - stable on x86 security bug #114227 CAN-2005-3257
1051
1052 *hardened-sources-2.4.32 (19 Nov 2005)
1053
1054 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1055 +hardened-sources-2.4.32.ebuild:
1056 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1057 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1058 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1059 rsbac >> /etc/portage/package.use)
1060
1061 *hardened-sources-2.6.14 (14 Nov 2005)
1062
1063 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1064 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1065 Bumping 2.6 series to 2.6.14.2
1066
1067 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1068
1069 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1070 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1071 +hardened-sources-2.6.13-r2.ebuild:
1072 Fixes minor build error in ppc.
1073
1074 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1075
1076 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1077 +hardened-sources-2.6.13-r1.ebuild:
1078 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1079 2.6.13.4, fixes some major amd64 stability problems.
1080
1081 *hardened-sources-2.6.13 (16 Sep 2005)
1082
1083 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1084 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1085 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1086 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1087 users should test this thoroughly.
1088
1089 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1090 - stable on x86
1091
1092 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1093
1094 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1095 +hardened-sources-2.6.11-r15.ebuild:
1096 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1097 grsec redefining curr_ip struct.
1098
1099 *hardened-sources-2.4.31 (20 Jun 2005)
1100
1101 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1102 initial import of 2.4.31 tree
1103
1104 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1105
1106 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1107 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1108 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1109 naming scheme to abide by genpatches
1110
1111 *hardened-sources-2.6.11-r13 (18 May 2005)
1112
1113 18 May 2005; John Mylchreest <johnm@gentoo.org>
1114 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1115 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1116 target. sorry about that. Fixes bug #93022
1117
1118 *hardened-sources-2.6.11-r12 (17 May 2005)
1119
1120 17 May 2005; John Mylchreest <johnm@gentoo.org>
1121 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1122 +hardened-sources-2.6.11-r12.ebuild:
1123 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1124 merges in genpatches-base
1125
1126 *hardened-sources-2.6.11-r12 (17 May 2005)
1127
1128 17 May 2005; John Mylchreest <johnm@gentoo.org>
1129 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1130 +hardened-sources-2.6.11-r12.ebuild:
1131 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1132 merges in genpatches-base
1133
1134 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1135 -files/2.4.27-cmdline-race.patch,
1136 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1137 -files/2.4.28-grsec-binfmt_a.out.patch,
1138 -files/2.4.28-grsec-cmdline-race.patch,
1139 -files/2.4.28-selinux-binfmt_a.out.patch,
1140 -files/2.4.28-selinux-cmdline-race.patch,
1141 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1142 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1143 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1144 cleanup..
1145
1146 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1147
1148 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1149 - disable aout by default
1150
1151 *hardened-sources-2.4.30 (18 Apr 2005)
1152
1153 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1154 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1155 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1156 use
1157
1158 *hardened-sources-2.4.29 (30 Mar 2005)
1159
1160 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1161 +hardened-sources-2.4.29.ebuild:
1162 New hardened-patches-2.4-29.0 patchball.
1163 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1164
1165 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1166
1167 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1168 +hardened-sources-2.4.28-r5.ebuild:
1169 Added a fix for a PaX vulnerability.
1170
1171 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1172 hardened-sources-2.4.28-r4.ebuild:
1173 Stable on x86
1174
1175 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1176 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1177 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1178 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1179 - fixed/added RDEPEND= in all kernel-2 ebuilds
1180
1181 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1182
1183 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1184 +hardened-sources-2.4.28-r4.ebuild:
1185 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1186 backport of neighbour hash updates.
1187
1188 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1189 hardened-sources-2.4.28-r3.ebuild:
1190 Stable on x86
1191
1192 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1193
1194 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1195 +hardened-sources-2.6.10-r3.ebuild:
1196 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1197 in 2005.0
1198
1199 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1200 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1201 hardened-sources-2.4.28-r2.ebuild:
1202 Mark stable on x86
1203
1204 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1205
1206 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1207 +hardened-sources-2.4.28-r3.ebuild:
1208 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1209
1210 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1211 hardened-sources-2.4.28.ebuild:
1212 Mark stable on x86.
1213
1214 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1215
1216 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1217 +hardened-sources-2.4.28-r2.ebuild:
1218 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1219 Mazinger for grsecurity patches as well.
1220
1221 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1222
1223 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1224 Security bump. Thank tocharian for rolling a new patchset...
1225
1226 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1227 +files/2.4.28-grsec-cmdline-race.patch,
1228 +files/2.4.28-selinux-binfmt_a.out.patch,
1229 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1230 - Round up remaining security patches that appear to be missing in 2.4.28. -
1231 PaX standalone updated to current. hgpv=28.1
1232
1233 *hardened-sources-2.4.28 (28 Nov 2004)
1234
1235 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1236 security bump. Thank tocharian for rolling a new patchset
1237
1238 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1239
1240 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1241 +hardened-sources-2.4.27-r3.ebuild:
1242 Applies the new 2.4-27.2 patchball which updates
1243 GRSecurity to the 2.0.1 version.
1244
1245 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1246
1247 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1248 +hardened-sources-2.4.27-r2.ebuild:
1249 Version bump.
1250 This version uses the new 2.4-27.1 patchball which updates
1251 both the SELinux PaX hooks patch and the SELinux headers.
1252
1253 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1254
1255 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1256 +hardened-sources-2.4.27-r1.ebuild,
1257 -hardened-sources-2.4.27.ebuild,
1258 +files/2.4.27-cmdline-race.patch:
1259 Version bump, fix for cmdline race. See bug #59905.
1260
1261 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1262
1263 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1264 +hardened-sources-2.4.26-r6.ebuild,
1265 -hardened-sources-2.4.26-r5.ebuild,
1266 -hardened-sources-2.4.26-r4.ebuild,
1267 +files/2.4.26-cmdline-race.patch:
1268 Version bump, fix for cmdline race. See bug #59905.
1269
1270 *hardened-sources-2.4.27 (08 Aug 2004)
1271
1272 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1273 +hardened-sources-2.4.27.ebuild,
1274 +files/2.4.27-CAN-2004-0394.patch:
1275 Ported the patchball to the 2.4.27 kernel version.
1276
1277 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1278
1279 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1280 +hardened-sources-2.4.26-r5.ebuild:
1281 Updated to use the new hardened-patches-2.4-26.1 patchball.
1282 It adds the following features:
1283 - Squashfs
1284 - Ebtables
1285 - Netdev random (core+drivers)
1286 - Watchdog Timer (WDT) fix.
1287
1288 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1289
1290 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1291 +hardened-sources-2.4.26-r4.ebuild,
1292 +files/2.4.26-CAN-2004-0415.patch,
1293 -hardened-sources-2.4.26-3:
1294 Version bump, fix for CAN 0415, see bug #59378.
1295
1296 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1297
1298 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1299 +hardened-sources-2.4.26-r3.ebuild,
1300 +files/2.4.26-CAN-2004-0497.patch,
1301 -hardened-sources-2.4.26-r2.ebuild:
1302 Version bump, fixed CAN 0497, see bug #56171.
1303
1304 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1305
1306 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1307 +hardened-sources-2.4.26-r2.ebuild,
1308 +files/2.4.26-CAN-2004-0495.patch,
1309 +files/2.4.26-CAN-2004-0535.patch,
1310 -hardened-sources-2.4.26-r1.ebuild:
1311 Fixes for both CAN 0495 and 0535, see bug #54976
1312
1313 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1314 hardened-sources-2.4.26-r1.ebuild:
1315 QA - fix use invocation
1316
1317 *hardened-sources-2.4.26-r1 (22 June 2004)
1318
1319 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1320 +hardened-sources-2.4.26-r1.ebuild,
1321 +files/2.4.26-CAN-2004-0394.patch,
1322 +files/2.4.26-signal-race.patch,
1323 -hardened-sources-2.4.26.ebuild,
1324 -hardened-sources-2.4.24-r3.ebuild:
1325 Version bump for the CAN-2004-0394 issue and bug #53804
1326 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1327
1328
1329 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1330 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1331 Masked hardened-sources-2.4.26.ebuild broken for ppc
1332
1333 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1334 hardened-sources-2.4.24-r3.ebuild:
1335 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1336
1337 *hardened-sources-2.4.26 (29 May 2004)
1338
1339 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1340 +hardened-sources-2.4.26.ebuild:
1341 Updated hardened-sources for the 2.4.26 kernel
1342 Removed broken components, updated almost everything.
1343
1344 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1345
1346 17 Apr 2004; <plasmaroo@gentoo.org>
1347 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1348 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1349 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1350 +hardened-sources-2.4.24-r3.ebuild:
1351 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1352 vulnerabilities. Old revisions removed.
1353
1354 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1355
1356 15 Apr 2004; <plasmaroo@gentoo.org>
1357 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1358 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1359 Version bump for the CAN-2004-0109 issue; bug #47881.
1360
1361 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1362 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1363 Add eutils to inherit.
1364
1365 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1366
1367 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1368 files/hardened-sources-2.4.24.munmap.patch:
1369 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1370
1371 *hardened-sources-2.4.24 (06 Feb 2004)
1372
1373 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1374 hardened-sources-2.4.24.ebuild:
1375 Version bump, updated most of the components.
1376 This release includes the following:
1377
1378 - Hardened security
1379 - Netfilter patch-o-matic 20031219
1380 - FreeSWAN 2.04 & x509 1.4.8
1381 - EVMS 2.2.2
1382 - XFS 1.3.1
1383 - cryptoloop jari
1384 - grsecurity 2.0-rc4
1385 - SELinux
1386 - PaX 200402060000
1387 - PaX Obscurity 200308302223
1388 - Others...
1389
1390 Neither -ck nor systrace are included anymore.
1391
1392 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1393
1394 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1395 hardened-sources-2.4.22-r2.ebuild:
1396 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1397
1398 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1399
1400 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1401 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1402
1403 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1404 hardened-sources-2.4.22-r1.ebuild:
1405 Version bump for the 'do_brk' vulnerability.
1406
1407 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1408 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1409 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1410 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1411 Fix the 'do_brk' vulnerability.
1412
1413 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1414 hardened-sources-2.4.22.ebuild:
1415 - Removed the src_install() portion for SELinux flask
1416 components. These are no longer handled in the kernel
1417 so this code was not necessary.
1418
1419 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1420 New 2.4.22 based hardened-sources thanks to
1421 Phil West <p.west@computer.org>.
1422
1423 These sources include:
1424 - New SELinux API
1425 - Updated CK-base
1426 - Updated GRSec
1427 - Systrace
1428 - SuperFreeS/WAN 1.99.8
1429 - Propolice kernel build support
1430 - EVMS
1431 - Other various security related patches
1432
1433 *hardened-sources-2.4.21 (14 Sep 2003)
1434
1435 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1436 Updated hardened-sources based on the 2.4.21 Linux kernel.
1437 This includes updates to most major components such as:
1438 - ck-base-0306300059
1439 - selinux-2.4-2003071106
1440 - grsecurity-2.0-rc1
1441 - Updated IPTables patch-o-matic
1442 - Updated SuperFreeS/WAN
1443
1444 Thanks to Phil West <pwest@computer.org> for his work in getting this
1445 updated patch set ready for the 2.4.21 based kernel.
1446
1447 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1448 Initial import of hardened-sources-2.4.20-r4. This revision
1449 includes only a few changes, but one of these is an important
1450 security fix. It is recommended all users of hardened-sources
1451 upgrade to this release.
1452
1453 - ioperm bug fix
1454 - fixed compilation failure when building without GRSec
1455
1456 SAL (Secure Auditing for Linux) is NOT included in this revision
1457 due to time constraints, but is planned for inclusion in the near
1458 future.
1459
1460 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1461
1462 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1463 hardened-sources-2.4.20-r3.ebuild:
1464 Add Header...
1465
1466 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1467 hardened-sources-2.4.20-r3.ebuild:
1468 Removed warnings from ebuild. This kernel should be safe to
1469 use at this point.
1470
1471 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1472
1473 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1474 hardened-sources-2.4.20-r3.ebuild:
1475 New revision. Includes the following changes over -r2:
1476
1477 - ck7-base (O(1), preempt, low latency)
1478 - Super FreeS/WAN 1.99.7rc2
1479 - PaX for the LSM/SELinux branch
1480 - GRSecurity 2.0-pre4 (role based access control)
1481 - Systrace 1.3
1482 - EXT3 fixes
1483 - EVMS 2.0.1
1484 - GCC 3.1+ compile optimizations
1485 - ProPolice kernel build support
1486 - Hashing table security fixes
1487
1488 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1489
1490 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1491 Initial import of hardened-sources-r2. This new
1492 ebuild includes many new performance and security
1493 related patches. As in -r1, it will patch in
1494 LSM/SELinux if "selinux" is in USE, otherwise it
1495 will patch in GRSecurity. The following patches
1496 are included in this revision:
1497
1498 - O(1) Scheduler, Low Latency, and Preempt
1499 (pulled from the base CK patch)
1500 - ptrace exploit patch for the LSM kernel
1501 (the GRSec patch already fixes this)
1502 - LSM 2.4-2003040709
1503 - SELinux 2.4-2003040709
1504 - Systrace v1.2
1505 - IPTables patch-o-matic base patches - 20030107
1506 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1507 - Super FreeS/WAN 1.99.6.1
1508 - GRSecurity 1.9.9g
1509 - MPPE
1510 - EXT3 data journal fix
1511 - CIPE 1.5.4
1512
1513 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1514 hardened-sources-2.4.20-r1.ebuild, manifest:
1515 Updated to install flask components correctly for selinux.
1516
1517 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1518 hardened-sources-2.4.20-r1.ebuild:
1519 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1520 is patched in instead. Ptrace patches for selinux have also been added. In
1521 either case, systrace support will be patched in as well.
1522
1523 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1524 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1525 Revision bump for new sources.
1526
1527 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1528 hardened-sources-2.4.20-r1.ebuild:
1529 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1530
1531 *hardened-sources-2.4.20 (30 Mar 2003)
1532
1533 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1534 hardened-sources-2.4.20.ebuild:
1535 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20