/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.249 - (show annotations) (download)
Thu Oct 30 15:17:14 2008 UTC (5 years, 8 months ago) by gengor
Branch: MAIN
Changes since 1.248: +5 -1 lines
Mark 2.6.25-r9 stable on amd64/x86
(Portage version: 2.1.4.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.248 2008/10/26 04:49:44 gengor Exp $
4
5 30 Oct 2008; Gordon Malm <gengor@gentoo.org>
6 hardened-sources-2.6.25-r9.ebuild:
7 Stable on amd64/x86.
8
9 *hardened-sources-2.6.25-r9 (26 Oct 2008)
10
11 26 Oct 2008; Gordon Malm <gengor@gentoo.org>
12 +hardened-sources-2.6.25-r9.ebuild:
13 Update to Linux 2.6.25.19
14
15 15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
16 Stable on ppc
17
18 *hardened-sources-2.6.26-r4 (14 Oct 2008)
19
20 14 Oct 2008; Gordon Malm <gengor@gentoo.org>
21 -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
22 Update to latest grsecurity patch, fixing building of non-modular kernels.
23
24 *hardened-sources-2.6.26-r3 (12 Oct 2008)
25
26 12 Oct 2008; Gordon Malm <gengor@gentoo.org>
27 hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
28 +hardened-sources-2.6.26-r3.ebuild:
29 2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
30 2.6.26-r1: Removed.
31 2.6.25-r8: Stable amd64/x86.
32
33 *hardened-sources-2.6.25-r8 (09 Oct 2008)
34
35 09 Oct 2008; Gordon Malm <gengor@gentoo.org>
36 -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
37 -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
38 Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
39
40 20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
41 Stable on ppc
42
43 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
44 hardened-sources-2.6.25-r7.ebuild:
45 Stable amd64/x86.
46
47 *hardened-sources-2.6.26-r2 (13 Sep 2008)
48
49 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
50 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
51 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
52 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
53
54 *hardened-sources-2.6.25-r7 (13 Sep 2008)
55
56 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
57 +hardened-sources-2.6.25-r7.ebuild:
58 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
59
60 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
61 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
62 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
63 hardened-sources-2.6.26-r1.ebuild:
64 Update DESCRIPTION and HGPV_URI.
65
66 *hardened-sources-2.6.25-r6 (09 Sep 2008)
67
68 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
69 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
70 2.6.25-r6: Update to Linux 2.6.25.17.
71 2.6.24-r3: Removed.
72
73 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
74 hardened-sources-2.6.25-r5.ebuild:
75 Stable on amd64/x86
76
77 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
78 Update my email address.
79
80 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
81 stable on ppc
82
83 *hardened-sources-2.6.26-r1 (23 Aug 2008)
84 *hardened-sources-2.6.25-r5 (23 Aug 2008)
85
86 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
87 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
88 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
89 +hardened-sources-2.6.26-r1.ebuild:
90 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
91 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
92 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
93 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
94 (gengor).
95
96 *hardened-sources-2.6.26 (18 Aug 2008)
97 *hardened-sources-2.6.25-r4 (18 Aug 2008)
98
99 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
100 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
101 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
102 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
103 2.6.25-r2: Removed.
104
105 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
106 Remove phreak from metadata.xml (#96398)
107
108 *hardened-sources-2.6.25-r3 (31 Jul 2008)
109
110 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
111 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
112 +hardened-sources-2.6.25-r3.ebuild:
113 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
114 fixes, including security bug #231750.
115
116 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
117 Stable on ppc
118
119 *hardened-sources-2.6.25-r2 (05 Jul 2008)
120
121 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
122 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
123 +hardened-sources-2.6.25-r2.ebuild:
124 2.6.23-r4: Stable x86/amd64
125 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
126 2.6.23-r{11,12}: Removed due to multiple vulns.
127 (gengor & kerframil)
128
129 04 Jul 2008; nixnut <nixnut@gentoo.org>
130 hardened-sources-2.6.23-r13.ebuild:
131 Stable on ppc
132
133 *hardened-sources-2.6.25-r1 (30 Jun 2008)
134
135 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
136 +hardened-sources-2.6.25-r1.ebuild:
137 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
138 grsecurity release. 2.6.23-r13: x86/amd64 stable
139
140 *hardened-sources-2.6.25 (17 Jun 2008)
141 *hardened-sources-2.6.24-r3 (17 Jun 2008)
142 *hardened-sources-2.6.23-r13 (17 Jun 2008)
143
144 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
145 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
146 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
147 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
148 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
149 2.6.25: Initial 2.6.25 release.
150
151 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
152 - fasttrack to stable x86/amd64
153
154 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
155 Fix broken digest for linux-2.6.24.tar.bz2.
156
157 *hardened-sources-2.6.24-r2 (11 May 2008)
158 *hardened-sources-2.6.23-r12 (11 May 2008)
159
160 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
161 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
162 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
163 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
164 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
165 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
166 security bugs 219901, 220691, 220975, 220979, 221123. New
167 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
168 should be removed as far as I'm concerned, everything else remove due to
169 vulnerable to numerous security bugs or brokeness.
170
171 10 May 2008; nixnut <nixnut@gentoo.org>
172 hardened-sources-2.6.23-r11.ebuild:
173 Stable on ppc
174
175 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
176 - -r11 stable on x86/amd64
177
178 *hardened-sources-2.6.23-r11 (01 May 2008)
179
180 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
181 - version bump to fix ulgy linux bugs
182
183 *hardened-sources-2.6.24-r1 (30 Apr 2008)
184
185 30 Apr 2008; Christian Heim <phreak@gentoo.org>
186 +hardened-sources-2.6.24-r1.ebuild:
187 Revision bump (thanks to Kerin and Gordon, again), pulling
188 genpatches-2.6.24-7, solving #219089. Additionally contains further security
189 fixes plus some minor updates.
190
191 *hardened-sources-2.6.23-r10 (30 Apr 2008)
192
193 30 Apr 2008; Christian Heim <phreak@gentoo.org>
194 +hardened-sources-2.6.23-r10.ebuild:
195 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
196 Additional contains "various other fixes".
197
198 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
199 Update the longdescription in metadata, thanks to Gordon Malm.
200
201 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
202 Stable on ppc wrt bug #213255
203
204 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
205 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
206 - stable on x86/amd64 per request. Removed obsolete ebuilds
207
208 *hardened-sources-2.6.24 (07 Apr 2008)
209
210 07 Apr 2008; Christian Heim <phreak@gentoo.org>
211 +hardened-sources-2.6.24.ebuild:
212 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
213 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
214 for the many contributions and their continued effort in #216612) based on
215 2.6.24 and genpatches-2.6.24-5.
216
217 The current ebuild/patchset contains these things:
218 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
219 * Introduces bespoke server and workstation oriented security levels
220 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
221
222 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
223 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
224 maintaining it).
225
226 24 Mar 2008; Christian Heim <phreak@gentoo.org>
227 hardened-sources-2.4.35-r2.ebuild:
228 Fixing SRC_URI for 2.4.35-r2.
229
230 *hardened-sources-2.6.23-r9 (22 Mar 2008)
231
232 22 Mar 2008; Christian Heim <phreak@gentoo.org>
233 +hardened-sources-2.6.23-r9.ebuild:
234 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
235 * Change the default GIDs for some grsecurity options
236 * Revamp the Hardened [Gentoo] security level and make it the default level
237 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
238 * Fix a recursive lock -- call to capable() within ptrace_attach()
239 * Fix bug that allows audit and iscsi operations to be controlled via netlink
240
241 *hardened-sources-2.6.23-r8 (27 Feb 2008)
242
243 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
244 - version bump from Kerin Millar bug 210026
245
246 17 Feb 2008; <solar@gentoo.org> metadata.xml,
247 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
248 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
249 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
250 - stable on x86 and remove old ebuilds
251
252 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
253 - stable on amd64 per request of amd64 lead
254
255 *hardened-sources-2.6.23-r7 (11 Feb 2008)
256
257 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
258 - version bump from kerin.millar
259 Changes:
260
261 * Bump to genpatches-base-2.6.23-9
262 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
263 * Disables COMPAT_VDSO in x86/defconfig
264 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
265
266 25 Jan 2008; Christian Heim <phreak@gentoo.org>
267 -hardened-sources-2.6.22-r8.ebuild:
268 Cleaning up old versions.
269
270 *hardened-sources-2.6.23-r6 (25 Jan 2008)
271
272 25 Jan 2008; Christian Heim <phreak@gentoo.org>
273 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
274 Revision bump, pulling in the latest genpatches.
275
276 *hardened-sources-2.6.23-r5 (24 Dec 2007)
277
278 24 Dec 2007; Christian Heim <phreak@gentoo.org>
279 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
280 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
281 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
282 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
283
284 24 Dec 2007; Christian Heim <phreak@gentoo.org>
285 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
286 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
287 -hardened-sources-2.6.23-r3.ebuild:
288 Cleaning out some unused, old versions.
289
290 24 Dec 2007; Christian Heim <phreak@gentoo.org>
291 hardened-sources-2.6.23-r4.ebuild:
292 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
293 in the tree for long, but there isn't much of a difference between this and
294 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
295
296 *hardened-sources-2.6.23-r4 (23 Dec 2007)
297
298 23 Dec 2007; Christian Heim <phreak@gentoo.org>
299 +hardened-sources-2.6.23-r4.ebuild:
300 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
301
302 *hardened-sources-2.6.23-r3 (04 Dec 2007)
303
304 04 Dec 2007; Christian Heim <phreak@gentoo.org>
305 +hardened-sources-2.6.23-r3.ebuild:
306 Revision bump, pulling in 2.6.23.9.
307
308 *hardened-sources-2.6.23-r2 (25 Nov 2007)
309
310 25 Nov 2007; Christian Heim <phreak@gentoo.org>
311 +hardened-sources-2.6.23-r2.ebuild:
312 Updated patchset, thanks to solar.
313
314 *hardened-sources-2.6.23-r1 (31 Oct 2007)
315
316 31 Oct 2007; Christian Heim <phreak@gentoo.org>
317 +hardened-sources-2.6.23-r1.ebuild:
318 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
319
320 29 Oct 2007; <solar@gentoo.org> metadata.xml:
321 - update metadata.xml
322
323 25 Oct 2007; Christian Heim <phreak@gentoo.org>
324 hardened-sources-2.6.22-r8.ebuild:
325 Marking 2.6.22-r8 stable on amd64 and x86.
326
327 21 Oct 2007; Christian Heim <phreak@gentoo.org>
328 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
329 -hardened-sources-2.6.21-r4.ebuild:
330 Removing old ebuilds.
331
332 *hardened-sources-2.4.35-r2 (21 Oct 2007)
333
334 21 Oct 2007; Christian Heim <phreak@gentoo.org>
335 +hardened-sources-2.4.35-r2.ebuild:
336 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
337 patches.
338
339 *hardened-sources-2.6.22-r8 (21 Oct 2007)
340
341 21 Oct 2007; Christian Heim <phreak@gentoo.org>
342 +hardened-sources-2.6.22-r8.ebuild:
343 Yet another new patch, hopefully fixing the remaining issues we had w/
344 2.6.22. Candidate for stabling.
345
346 *hardened-sources-2.6.23 (13 Oct 2007)
347
348 13 Oct 2007; Christian Heim <phreak@gentoo.org>
349 +hardened-sources-2.6.23.ebuild:
350 Initial hardened-sources-2.6.23. If people still have problems w/ bug
351 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
352
353 11 Oct 2007; Christian Heim <phreak@gentoo.org>
354 hardened-sources-2.6.20-r10.ebuild:
355 Pulling in yet another new genpatches version, fixing the PWC bug for real.
356
357 04 Oct 2007; Christian Heim <phreak@gentoo.org>
358 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
359 Removing old versions.
360
361 *hardened-sources-2.6.22-r7 (01 Oct 2007)
362
363 01 Oct 2007; Christian Heim <phreak@gentoo.org>
364 +hardened-sources-2.6.22-r7.ebuild:
365 Revision bump, pulling in a newer patch. Should fix #194276.
366
367 30 Sep 2007; Christian Heim <phreak@gentoo.org>
368 hardened-sources-2.6.20-r10.ebuild:
369 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
370 Mike Doty).
371
372 *hardened-sources-2.6.22-r6 (26 Sep 2007)
373
374 26 Sep 2007; Christian Heim <phreak@gentoo.org>
375 +hardened-sources-2.6.22-r6.ebuild:
376 Revision bump, grabbing up till Linux 2.6.22.9.
377
378 24 Sep 2007; Christian Heim <phreak@gentoo.org>
379 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
380 Cleaning up further.
381
382 *hardened-sources-2.6.20-r10 (24 Sep 2007)
383
384 24 Sep 2007; Christian Heim <phreak@gentoo.org>
385 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
386 +hardened-sources-2.6.20-r10.ebuild:
387 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
388 revisions.
389
390 *hardened-sources-2.6.22-r5 (22 Sep 2007)
391
392 22 Sep 2007; Christian Heim <phreak@gentoo.org>
393 +hardened-sources-2.6.22-r5.ebuild:
394 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
395
396 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
397 Removing johnm from metadata.xml (see #186467 for reference).
398
399 *hardened-sources-2.6.22-r4 (17 Sep 2007)
400
401 17 Sep 2007; Christian Heim <phreak@gentoo.org>
402 +hardened-sources-2.6.22-r4.ebuild:
403 Revision bump, hopefully fixing all those weird PAX failures.
404
405 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
406 Updating the metadata.xml.
407
408 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
409 Removing tocharian from metadata due to his retirement (see #71718 for
410 reference).
411
412 *hardened-sources-2.6.20-r9 (30 Aug 2007)
413
414 30 Aug 2007; Christian Heim <phreak@gentoo.org>
415 +hardened-sources-2.6.20-r9.ebuild:
416 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
417
418 29 Aug 2007; Christian Heim <phreak@gentoo.org>
419 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
420 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
421 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
422 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
423 -hardened-sources-2.6.22-r2.ebuild:
424 Removing some redundant versions.
425
426 *hardened-sources-2.4.35-r1 (29 Aug 2007)
427
428 29 Aug 2007; Christian Heim <phreak@gentoo.org>
429 +hardened-sources-2.4.35-r1.ebuild:
430 Revision bump, new grsecurity patch.
431
432 *hardened-sources-2.6.20-r8 (26 Aug 2007)
433
434 26 Aug 2007; Christian Heim <phreak@gentoo.org>
435 +hardened-sources-2.6.20-r8.ebuild:
436 Revision bump for Linux 2.6.20.17.
437
438 *hardened-sources-2.6.22-r3 (22 Aug 2007)
439
440 22 Aug 2007; Christian Heim <phreak@gentoo.org>
441 +hardened-sources-2.6.22-r3.ebuild:
442 Revision bump for Linux 2.6.22.4.
443
444 16 Aug 2007; Christian Heim <phreak@gentoo.org>
445 hardened-sources-2.6.22-r2.ebuild:
446 Updated patchset, to fix the alignment against 2.6.22.3.
447
448 *hardened-sources-2.6.22-r2 (16 Aug 2007)
449
450 16 Aug 2007; Christian Heim <phreak@gentoo.org>
451 +hardened-sources-2.6.22-r2.ebuild:
452 Revision bump for Linux 2.6.22.3.
453
454 *hardened-sources-2.4.35 (16 Aug 2007)
455
456 16 Aug 2007; Christian Heim <phreak@gentoo.org>
457 +hardened-sources-2.4.35.ebuild:
458 Version bump, initial version for Linux 2.4.35.
459
460 *hardened-sources-2.6.21-r4 (16 Aug 2007)
461
462 16 Aug 2007; Christian Heim <phreak@gentoo.org>
463 +hardened-sources-2.6.21-r4.ebuild:
464 Revision bump for Linux 2.6.21.6.
465
466 *hardened-sources-2.6.20-r7 (16 Aug 2007)
467
468 16 Aug 2007; Christian Heim <phreak@gentoo.org>
469 +hardened-sources-2.6.20-r7.ebuild:
470 Revision bump for Linux 2.6.20.16.
471
472 *hardened-sources-2.6.22-r1 (13 Aug 2007)
473
474 13 Aug 2007; Christian Heim <phreak@gentoo.org>
475 +hardened-sources-2.6.22-r1.ebuild:
476 Yet another revision bump.
477
478 *hardened-sources-2.6.22 (10 Aug 2007)
479
480 10 Aug 2007; Christian Heim <phreak@gentoo.org>
481 +hardened-sources-2.6.22.ebuild:
482 Initial release for 2.6.22. If you are using hardened-sources on a desktop
483 machine (P4 or newer), be aware you might need to disable
484 CONFIG_PAX_PAGEEXEC.
485
486 04 Aug 2007; Christian Heim <phreak@gentoo.org>
487 hardened-sources-2.6.20-r6.ebuild:
488 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
489 2.6.20.15.
490
491 10 Jul 2007; Christian Heim <phreak@gentoo.org>
492 hardened-sources-2.6.20-r5.ebuild:
493 Marking hardened-sources-2.6.20-r5 stable on ppc.
494
495 10 Jul 2007; Christian Heim <phreak@gentoo.org>
496 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
497 Cleanup.
498
499 *hardened-sources-2.6.20-r6 (08 Jul 2007)
500
501 08 Jul 2007; Christian Heim <phreak@gentoo.org>
502 +hardened-sources-2.6.20-r6.ebuild:
503 Revision bump, grabbing yet another stable release.
504
505 17 Jun 2007; Christian Heim <phreak@gentoo.org>
506 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
507 -hardened-sources-2.6.21-r2.ebuild:
508 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
509 alpha stable KEYWORD by mistake.
510
511 17 Jun 2007; Christian Heim <phreak@gentoo.org>
512 hardened-sources-2.6.20-r5.ebuild:
513 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
514 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
515
516 *hardened-sources-2.6.21-r3 (12 Jun 2007)
517
518 12 Jun 2007; Christian Heim <phreak@gentoo.org>
519 +hardened-sources-2.6.21-r3.ebuild:
520 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
521 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
522 love.
523
524 *hardened-sources-2.6.20-r5 (11 Jun 2007)
525
526 11 Jun 2007; Christian Heim <phreak@gentoo.org>
527 +hardened-sources-2.6.20-r5.ebuild:
528 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
529 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
530 love.
531
532 *hardened-sources-2.4.34.5 (11 Jun 2007)
533
534 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
535 +hardened-sources-2.4.34.5.ebuild:
536 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
537
538 30 May 2007; Christian Heim <phreak@gentoo.org>
539 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
540 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
541 stale ebuild(s).
542
543 30 May 2007; Christian Heim <phreak@gentoo.org>
544 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
545 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
546 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
547 Doing some cleanups, remove stale ebuilds.
548
549 26 May 2007; Christian Heim <phreak@gentoo.org>
550 hardened-sources-2.6.21-r2.ebuild:
551 Fixing the grsecurity patch, had one '};' too much.
552
553 *hardened-sources-2.6.21-r2 (26 May 2007)
554
555 26 May 2007; Christian Heim <phreak@gentoo.org>
556 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
557 +hardened-sources-2.6.21-r2.ebuild:
558 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
559 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
560
561 *hardened-sources-2.6.20-r4 (26 May 2007)
562
563 26 May 2007; Christian Heim <phreak@gentoo.org>
564 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
565 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
566 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
567
568 15 May 2007; Christian Heim <phreak@gentoo.org>
569 hardened-sources-2.6.20-r3.ebuild:
570 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
571 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
572 grsecurity patch fail in that exact same hunk.
573
574 *hardened-sources-2.6.20-r3 (15 May 2007)
575
576 15 May 2007; Christian Heim <phreak@gentoo.org>
577 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
578 Revision bump, incorporating Linux 2.6.20.11.
579
580 *hardened-sources-2.6.21-r1 (11 May 2007)
581
582 11 May 2007; Christian Heim <phreak@gentoo.org>
583 +hardened-sources-2.6.21-r1.ebuild:
584 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
585 mentioned in #177234.
586
587 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
588 files/digest-hardened-sources-2.6.21, Manifest:
589 Fix Manifest/digest for linux-2.6.21.tar.bz2
590
591 06 May 2007; Christian Heim <phreak@gentoo.org>
592 hardened-sources-2.6.21.ebuild:
593 Bumping the hardened-patches version, needed for the fix for #177234.
594
595 *hardened-sources-2.6.21 (02 May 2007)
596
597 02 May 2007; Christian Heim <phreak@gentoo.org>
598 +hardened-sources-2.6.21.ebuild:
599 Version bump, Linux 2.6.21-hardened.
600
601 29 Apr 2007; Christian Heim <phreak@gentoo.org>
602 hardened-sources-2.6.20-r2.ebuild:
603 Adding ~ia64 on Ned's request.
604
605 29 Apr 2007; Christian Heim <phreak@gentoo.org>
606 hardened-sources-2.6.20-r2.ebuild:
607 Fixing the included grsecurity patch, wasn't alligning due to the Index:
608 header line(s).
609
610 29 Apr 2007; Christian Heim <phreak@gentoo.org>
611 hardened-sources-2.6.20-r2.ebuild:
612 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
613
614 *hardened-sources-2.6.20-r2 (10 Apr 2007)
615
616 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
617 +hardened-sources-2.6.20-r2.ebuild:
618 Version bump, on behalf of phreak
619
620 *hardened-sources-2.6.20-r1 (04 Apr 2007)
621
622 04 Apr 2007; Christian Heim <phreak@gentoo.org>
623 +hardened-sources-2.6.20-r1.ebuild:
624 Revision bump, grabbing a newer grsecurity snapshot.
625
626 *hardened-sources-2.6.20 (25 Mar 2007)
627
628 25 Mar 2007; Christian Heim <phreak@gentoo.org>
629 +hardened-sources-2.6.20.ebuild:
630 Finally a hardened-sources version for 2.6.20; many people have been waiting
631 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
632 testbox.
633
634 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
635 hardened-sources-2.6.18-r6.ebuild:
636 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
637
638 *hardened-sources-2.6.18-r6 (16 Mar 2007)
639
640 16 Mar 2007; Christian Heim <phreak@gentoo.org>
641 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
642 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
643 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
644 supposed to be.
645
646 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
647 Fixing the Manifest, the previous one was broken (as in still had the
648 deleted ebuild in it).
649
650 06 Mar 2007; Christian Heim <phreak@gentoo.org>
651 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
652 +hardened-sources-2.6.18-r5.ebuild:
653 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
654 Linux 2.6.18.8. Also cleaning up the older version.
655
656 *hardened-sources-2.6.18-r5 (06 Mar 2007)
657
658 06 Mar 2007; Christian Heim <phreak@gentoo.org>
659 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
660 +hardened-sources-2.6.18-r5.ebuild:
661 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
662 Linux 2.6.18.8. Also cleaning up the older version.
663
664 24 Feb 2007; Christian Heim <phreak@gentoo.org>
665 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
666 -hardened-sources-2.6.19-r5.ebuild:
667 Removing some of the old version, that didn't work.
668
669 *hardened-sources-2.6.19-r6 (12 Feb 2007)
670
671 12 Feb 2007; Christian Heim <phreak@gentoo.org>
672 +hardened-sources-2.6.19-r6.ebuild:
673 Revision bump, including a new grsec version fixing #166235.
674
675 *hardened-sources-2.4.34 (24 Jan 2007)
676
677 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
678 Manifest:
679 updating Manifest with checksums of new tarball and ebuild
680
681 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
682 +hardened-sources-2.4.34.ebuild:
683 I added new hardened sources 2.4 update, this is a critical path
684 security bugfix - all users of h-s are strongly advised
685 to update their existing hardened sources to this version.
686 It contains a fix for a kernel vulnerability that is pertaining
687 to the PaX changes to virtual memory management, possibly leading
688 to a local kernel exploit ... see grsecurity.net forums and homepage
689
690 23 Jan 2007; Christian Heim <phreak@gentoo.org>
691 files/digest-hardened-sources-2.6.19-r5, Manifest:
692 Fixing the patch-tarball digest.
693
694 *hardened-sources-2.6.19-r5 (23 Jan 2007)
695
696 23 Jan 2007; Christian Heim <phreak@gentoo.org>
697 +hardened-sources-2.6.19-r5.ebuild:
698 Revision bump, closing the recently discovered PaX expand_stack()
699 vulnerability.
700
701 *hardened-sources-2.6.19-r4 (14 Jan 2007)
702
703 14 Jan 2007; Christian Heim <phreak@gentoo.org>
704 +hardened-sources-2.6.19-r4.ebuild:
705 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
706 dropping the randomized PID feature.
707
708 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
709 hardened-sources-2.4.33.4.ebuild:
710 stable x86, bug #161171
711
712 *hardened-sources-2.6.19-r3 (27 Dec 2006)
713
714 27 Dec 2006; Christian Heim <phreak@gentoo.org>
715 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
716 Revision bump for bug #157186 and #158786.
717
718 *hardened-sources-2.6.18-r4 (27 Dec 2006)
719
720 27 Dec 2006; Christian Heim <phreak@gentoo.org>
721 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
722 Revision bump for bug #157186.
723
724 *hardened-sources-2.6.19-r2 (23 Dec 2006)
725
726 23 Dec 2006; Christian Heim <phreak@gentoo.org>
727 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
728 Revision bump to pull in genpatches-2.6.19-3 for #157186.
729
730 17 Dec 2006; Christian Heim <phreak@gentoo.org>
731 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
732 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
733 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
734 hardened-sources-2.6.19-r1.ebuild:
735 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
736 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
737
738 *hardened-sources-2.4.33.4 (17 Dec 2006)
739
740 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
741 +hardened-sources-2.4.33.4.ebuild:
742 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
743 and quilting
744
745 *hardened-sources-2.6.19-r1 (14 Dec 2006)
746
747 14 Dec 2006; Christian Heim <phreak@gentoo.org>
748 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
749 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
750 for reporting).
751
752 *hardened-sources-2.6.19 (13 Dec 2006)
753
754 13 Dec 2006; Christian Heim <phreak@gentoo.org>
755 +hardened-sources-2.6.19.ebuild:
756 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
757 Brad for providing that prompt update.
758
759 *hardened-sources-2.6.18-r3 (13 Dec 2006)
760
761 13 Dec 2006; Christian Heim <phreak@gentoo.org>
762 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
763 +hardened-sources-2.6.18-r3.ebuild:
764 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
765 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
766
767 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
768 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
769
770 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
771 Stable on ppc wrt bug 157356
772
773 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
774 hardened-sources-2.6.18.ebuild:
775 stable x86, bug #157356
776
777 *hardened-sources-2.6.18-r2 (06 Dec 2006)
778
779 06 Dec 2006; Christian Heim <phreak@gentoo.org>
780 +hardened-sources-2.6.18-r2.ebuild:
781 Revision bump, including 2.6.18.5 (via genpatches) and
782 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
783 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
784 redesign.
785
786 06 Dec 2006; Christian Heim <phreak@gentoo.org>
787 hardened-sources-2.6.18.ebuild:
788 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
789 of Mike Doty).
790
791 *hardened-sources-2.6.18-r1 (23 Nov 2006)
792
793 23 Nov 2006; Christian Heim <phreak@gentoo.org>
794 +hardened-sources-2.6.18-r1.ebuild:
795 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
796
797 *hardened-sources-2.6.18 (11 Nov 2006)
798
799 11 Nov 2006; Christian Heim <phreak@gentoo.org>
800 +hardened-sources-2.6.18.ebuild:
801 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
802
803 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
804 - mark amd64 stable also. bug #151877
805
806 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
807 - mark 2.6.17-r1 stable
808
809 27 Aug 2006; Christian Heim <phreak@gentoo.org>
810 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
811 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
812
813 *hardened-sources-2.6.17-r1 (26 Aug 2006)
814
815 26 Aug 2006; Christian Heim <phreak@gentoo.org>
816 +hardened-sources-2.6.17-r1.ebuild:
817 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
818 grsecurity patch.
819
820 *hardened-sources-2.6.17 (17 Aug 2006)
821
822 17 Aug 2006; Christian Heim <phreak@gentoo.org>
823 +hardened-sources-2.6.17.ebuild:
824 Bumping the hardened-sources-2.6 series to 2.6.17, using
825 genpatches-2.6.17-6.base.
826
827 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
828 - stable on x86 and amd64
829
830 *hardened-sources-2.6.16-r11 (15 Jul 2006)
831
832 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
833 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
834 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
835 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
836 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
837 crusty ebuilds
838
839 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
840 hardened-sources-2.6.16-r10.ebuild:
841 marking stable on x86 and amd64
842
843 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
844 - 2.4.32-r6 stable on x86. RSBAC state unknown
845
846 *hardened-sources-2.4.32-r7 (10 Jul 2006)
847
848 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
849 +hardened-sources-2.4.32-r7.ebuild:
850 Bump PaX for RSBAC to test-17
851
852 *hardened-sources-2.6.16-r9 (03 Jul 2006)
853
854 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
855 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
856 hardened-sources-2.6.16 bump to latest -base.
857
858 *hardened-sources-2.4.32-r6 (30 Jun 2006)
859
860 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
861 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
862 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
863 sysctl controlable resource logging
864
865 *hardened-sources-2.6.16-r7 (05 Jun 2006)
866
867 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
868 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
869 push new 2.6.16 release in preparation for stable
870
871 22 May 2006; <solar@gentoo.org> :
872 - redigest bug 134002
873
874 *hardened-sources-2.4.32-r5 (16 May 2006)
875
876 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
877 +hardened-sources-2.4.32-r5.ebuild:
878 Fixes rsbac common patching (new patch in new -r5 patchset)
879
880 *hardened-sources-2.4.32-r4 (13 May 2006)
881
882 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
883 +hardened-sources-2.4.32-r4.ebuild:
884 - security bumps
885
886 *hardened-sources-2.6.16-r6 (03 May 2006)
887
888 03 May 2006; John Mylchreest <johnm@gentoo.org>
889 +hardened-sources-2.6.16-r6.ebuild:
890 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
891
892 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
893 hardened-sources-2.6.14-r8.ebuild:
894 fix x86_64 build problem, this will delay the digest issue again for a short
895 while but it will sort itself out
896
897 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
898 hardened-sources-2.6.14-r8.ebuild:
899 bump hardened patchset
900
901 27 Apr 2006; Alec Warner <antarus@gentoo.org>
902 files/digest-hardened-sources-2.4.32-r2,
903 files/digest-hardened-sources-2.4.32-r3,
904 files/digest-hardened-sources-2.6.14-r8, Manifest:
905 Fixing duff SHA256 digests: Bug # 131293
906
907 *hardened-sources-2.6.16-r5 (27 Apr 2006)
908
909 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
910 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
911 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
912 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
913 cleanup of old uneccessary sources
914
915 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
916 fix digest
917
918 *hardened-sources-2.6.14-r8 (20 Apr 2006)
919
920 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
921 +hardened-sources-2.6.14-r8.ebuild:
922 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
923
924 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
925 Turning on gpg-signing again, and recomitting
926
927 *hardened-sources-2.6.16-r4 (20 Apr 2006)
928
929 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
930 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
931 +hardened-sources-2.6.16-r4.ebuild:
932 Fix numerous security vulns
933
934 *hardened-sources-2.4.32-r3 (16 Apr 2006)
935
936 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
937 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
938 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
939 - security bump for bug #112791. Removed old ebuilds
940
941 *hardened-sources-2.6.16-r3 (15 Apr 2006)
942
943 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
944 +hardened-sources-2.6.16-r3.ebuild:
945 Removing silly localversion which I missed
946
947 *hardened-sources-2.6.14-r7 (14 Apr 2006)
948
949 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
950 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
951 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
952
953 *hardened-sources-2.6.16-r2 (13 Apr 2006)
954
955 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
956 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
957 +hardened-sources-2.6.16-r2.ebuild:
958 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
959 labels, dropping USERGROUP define fixes, since these were merged mainstream.
960
961 *hardened-sources-2.6.16-r1 (11 Apr 2006)
962
963 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
964 +hardened-sources-2.6.16-r1.ebuild:
965 Bumping to include ppc build fix and 2.6.16.3
966
967 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
968 hardened-sources-2.6.14-r6.ebuild:
969 Stable on x86; bug #127718
970
971 *hardened-sources-2.6.16 (31 Mar 2006)
972
973 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
974 +hardened-sources-2.6.16.ebuild:
975 Bumping to new version of grsec, and kernel base. New squashfs. Based on
976 2.6.16.1
977
978 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
979 hardened-sources-2.6.14-r6.ebuild:
980 Stable on amd64, bug 127718.
981
982 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
983 Stable on ppc. Bug #127718
984
985 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
986 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
987 -hardened-sources-2.6.14-r4.ebuild:
988 Cleanup.
989
990 *hardened-sources-2.6.14-r6 (15 Mar 2006)
991
992 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
993 +hardened-sources-2.6.14-r6.ebuild:
994 Fixes grsec policy recreation bug and adds a
995 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
996
997 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
998 - stable on x86
999
1000 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1001 hardened-sources-2.6.14-r5.ebuild:
1002 Stable on ppc.
1003
1004 *hardened-sources-2.6.14-r5 (01 Feb 2006)
1005
1006 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1007 +hardened-sources-2.6.14-r5.ebuild:
1008 fixing every known exploit
1009
1010 *hardened-sources-2.4.32-r2 (26 Jan 2006)
1011
1012 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1013 +hardened-sources-2.4.32-r2.ebuild:
1014 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1015
1016 *hardened-sources-2.6.14-r4 (12 Jan 2006)
1017
1018 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1019 - version bump for new genpatches which fix up a few sec holes
1020
1021 *hardened-sources-2.4.32-r1 (05 Jan 2006)
1022
1023 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1024 - revision bump to add misc vital linux kernel security patches.
1025
1026 *hardened-sources-2.6.14-r3 (30 Dec 2005)
1027
1028 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1029 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1030 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1031
1032 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1033 hardened-sources-2.6.14-r2.ebuild:
1034 making x86 & amd64 stable following testing.
1035
1036 *hardened-sources-2.6.14-r2 (27 Dec 2005)
1037
1038 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1039 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1040 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1041 network hooks.
1042
1043 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1044 hardened-sources-2.6.14-r1.ebuild:
1045 bumping to stable early for sec fix on x86 & amd64
1046
1047 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1048
1049 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1050 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1051 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1052
1053 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1054 - stable on x86 security bug #114227 CAN-2005-3257
1055
1056 *hardened-sources-2.4.32 (19 Nov 2005)
1057
1058 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1059 +hardened-sources-2.4.32.ebuild:
1060 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1061 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1062 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1063 rsbac >> /etc/portage/package.use)
1064
1065 *hardened-sources-2.6.14 (14 Nov 2005)
1066
1067 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1068 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1069 Bumping 2.6 series to 2.6.14.2
1070
1071 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1072
1073 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1074 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1075 +hardened-sources-2.6.13-r2.ebuild:
1076 Fixes minor build error in ppc.
1077
1078 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1079
1080 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1081 +hardened-sources-2.6.13-r1.ebuild:
1082 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1083 2.6.13.4, fixes some major amd64 stability problems.
1084
1085 *hardened-sources-2.6.13 (16 Sep 2005)
1086
1087 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1088 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1089 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1090 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1091 users should test this thoroughly.
1092
1093 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1094 - stable on x86
1095
1096 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1097
1098 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1099 +hardened-sources-2.6.11-r15.ebuild:
1100 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1101 grsec redefining curr_ip struct.
1102
1103 *hardened-sources-2.4.31 (20 Jun 2005)
1104
1105 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1106 initial import of 2.4.31 tree
1107
1108 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1109
1110 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1111 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1112 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1113 naming scheme to abide by genpatches
1114
1115 *hardened-sources-2.6.11-r13 (18 May 2005)
1116
1117 18 May 2005; John Mylchreest <johnm@gentoo.org>
1118 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1119 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1120 target. sorry about that. Fixes bug #93022
1121
1122 *hardened-sources-2.6.11-r12 (17 May 2005)
1123
1124 17 May 2005; John Mylchreest <johnm@gentoo.org>
1125 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1126 +hardened-sources-2.6.11-r12.ebuild:
1127 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1128 merges in genpatches-base
1129
1130 *hardened-sources-2.6.11-r12 (17 May 2005)
1131
1132 17 May 2005; John Mylchreest <johnm@gentoo.org>
1133 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1134 +hardened-sources-2.6.11-r12.ebuild:
1135 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1136 merges in genpatches-base
1137
1138 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1139 -files/2.4.27-cmdline-race.patch,
1140 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1141 -files/2.4.28-grsec-binfmt_a.out.patch,
1142 -files/2.4.28-grsec-cmdline-race.patch,
1143 -files/2.4.28-selinux-binfmt_a.out.patch,
1144 -files/2.4.28-selinux-cmdline-race.patch,
1145 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1146 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1147 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1148 cleanup..
1149
1150 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1151
1152 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1153 - disable aout by default
1154
1155 *hardened-sources-2.4.30 (18 Apr 2005)
1156
1157 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1158 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1159 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1160 use
1161
1162 *hardened-sources-2.4.29 (30 Mar 2005)
1163
1164 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1165 +hardened-sources-2.4.29.ebuild:
1166 New hardened-patches-2.4-29.0 patchball.
1167 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1168
1169 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1170
1171 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1172 +hardened-sources-2.4.28-r5.ebuild:
1173 Added a fix for a PaX vulnerability.
1174
1175 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1176 hardened-sources-2.4.28-r4.ebuild:
1177 Stable on x86
1178
1179 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1180 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1181 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1182 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1183 - fixed/added RDEPEND= in all kernel-2 ebuilds
1184
1185 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1186
1187 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1188 +hardened-sources-2.4.28-r4.ebuild:
1189 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1190 backport of neighbour hash updates.
1191
1192 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1193 hardened-sources-2.4.28-r3.ebuild:
1194 Stable on x86
1195
1196 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1197
1198 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1199 +hardened-sources-2.6.10-r3.ebuild:
1200 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1201 in 2005.0
1202
1203 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1204 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1205 hardened-sources-2.4.28-r2.ebuild:
1206 Mark stable on x86
1207
1208 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1209
1210 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1211 +hardened-sources-2.4.28-r3.ebuild:
1212 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1213
1214 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1215 hardened-sources-2.4.28.ebuild:
1216 Mark stable on x86.
1217
1218 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1219
1220 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1221 +hardened-sources-2.4.28-r2.ebuild:
1222 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1223 Mazinger for grsecurity patches as well.
1224
1225 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1226
1227 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1228 Security bump. Thank tocharian for rolling a new patchset...
1229
1230 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1231 +files/2.4.28-grsec-cmdline-race.patch,
1232 +files/2.4.28-selinux-binfmt_a.out.patch,
1233 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1234 - Round up remaining security patches that appear to be missing in 2.4.28. -
1235 PaX standalone updated to current. hgpv=28.1
1236
1237 *hardened-sources-2.4.28 (28 Nov 2004)
1238
1239 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1240 security bump. Thank tocharian for rolling a new patchset
1241
1242 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1243
1244 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1245 +hardened-sources-2.4.27-r3.ebuild:
1246 Applies the new 2.4-27.2 patchball which updates
1247 GRSecurity to the 2.0.1 version.
1248
1249 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1250
1251 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1252 +hardened-sources-2.4.27-r2.ebuild:
1253 Version bump.
1254 This version uses the new 2.4-27.1 patchball which updates
1255 both the SELinux PaX hooks patch and the SELinux headers.
1256
1257 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1258
1259 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1260 +hardened-sources-2.4.27-r1.ebuild,
1261 -hardened-sources-2.4.27.ebuild,
1262 +files/2.4.27-cmdline-race.patch:
1263 Version bump, fix for cmdline race. See bug #59905.
1264
1265 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1266
1267 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1268 +hardened-sources-2.4.26-r6.ebuild,
1269 -hardened-sources-2.4.26-r5.ebuild,
1270 -hardened-sources-2.4.26-r4.ebuild,
1271 +files/2.4.26-cmdline-race.patch:
1272 Version bump, fix for cmdline race. See bug #59905.
1273
1274 *hardened-sources-2.4.27 (08 Aug 2004)
1275
1276 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1277 +hardened-sources-2.4.27.ebuild,
1278 +files/2.4.27-CAN-2004-0394.patch:
1279 Ported the patchball to the 2.4.27 kernel version.
1280
1281 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1282
1283 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1284 +hardened-sources-2.4.26-r5.ebuild:
1285 Updated to use the new hardened-patches-2.4-26.1 patchball.
1286 It adds the following features:
1287 - Squashfs
1288 - Ebtables
1289 - Netdev random (core+drivers)
1290 - Watchdog Timer (WDT) fix.
1291
1292 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1293
1294 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1295 +hardened-sources-2.4.26-r4.ebuild,
1296 +files/2.4.26-CAN-2004-0415.patch,
1297 -hardened-sources-2.4.26-3:
1298 Version bump, fix for CAN 0415, see bug #59378.
1299
1300 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1301
1302 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1303 +hardened-sources-2.4.26-r3.ebuild,
1304 +files/2.4.26-CAN-2004-0497.patch,
1305 -hardened-sources-2.4.26-r2.ebuild:
1306 Version bump, fixed CAN 0497, see bug #56171.
1307
1308 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1309
1310 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1311 +hardened-sources-2.4.26-r2.ebuild,
1312 +files/2.4.26-CAN-2004-0495.patch,
1313 +files/2.4.26-CAN-2004-0535.patch,
1314 -hardened-sources-2.4.26-r1.ebuild:
1315 Fixes for both CAN 0495 and 0535, see bug #54976
1316
1317 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1318 hardened-sources-2.4.26-r1.ebuild:
1319 QA - fix use invocation
1320
1321 *hardened-sources-2.4.26-r1 (22 June 2004)
1322
1323 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1324 +hardened-sources-2.4.26-r1.ebuild,
1325 +files/2.4.26-CAN-2004-0394.patch,
1326 +files/2.4.26-signal-race.patch,
1327 -hardened-sources-2.4.26.ebuild,
1328 -hardened-sources-2.4.24-r3.ebuild:
1329 Version bump for the CAN-2004-0394 issue and bug #53804
1330 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1331
1332
1333 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1334 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1335 Masked hardened-sources-2.4.26.ebuild broken for ppc
1336
1337 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1338 hardened-sources-2.4.24-r3.ebuild:
1339 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1340
1341 *hardened-sources-2.4.26 (29 May 2004)
1342
1343 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1344 +hardened-sources-2.4.26.ebuild:
1345 Updated hardened-sources for the 2.4.26 kernel
1346 Removed broken components, updated almost everything.
1347
1348 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1349
1350 17 Apr 2004; <plasmaroo@gentoo.org>
1351 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1352 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1353 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1354 +hardened-sources-2.4.24-r3.ebuild:
1355 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1356 vulnerabilities. Old revisions removed.
1357
1358 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1359
1360 15 Apr 2004; <plasmaroo@gentoo.org>
1361 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1362 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1363 Version bump for the CAN-2004-0109 issue; bug #47881.
1364
1365 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1366 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1367 Add eutils to inherit.
1368
1369 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1370
1371 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1372 files/hardened-sources-2.4.24.munmap.patch:
1373 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1374
1375 *hardened-sources-2.4.24 (06 Feb 2004)
1376
1377 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1378 hardened-sources-2.4.24.ebuild:
1379 Version bump, updated most of the components.
1380 This release includes the following:
1381
1382 - Hardened security
1383 - Netfilter patch-o-matic 20031219
1384 - FreeSWAN 2.04 & x509 1.4.8
1385 - EVMS 2.2.2
1386 - XFS 1.3.1
1387 - cryptoloop jari
1388 - grsecurity 2.0-rc4
1389 - SELinux
1390 - PaX 200402060000
1391 - PaX Obscurity 200308302223
1392 - Others...
1393
1394 Neither -ck nor systrace are included anymore.
1395
1396 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1397
1398 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1399 hardened-sources-2.4.22-r2.ebuild:
1400 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1401
1402 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1403
1404 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1405 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1406
1407 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1408 hardened-sources-2.4.22-r1.ebuild:
1409 Version bump for the 'do_brk' vulnerability.
1410
1411 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1412 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1413 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1414 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1415 Fix the 'do_brk' vulnerability.
1416
1417 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1418 hardened-sources-2.4.22.ebuild:
1419 - Removed the src_install() portion for SELinux flask
1420 components. These are no longer handled in the kernel
1421 so this code was not necessary.
1422
1423 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1424 New 2.4.22 based hardened-sources thanks to
1425 Phil West <p.west@computer.org>.
1426
1427 These sources include:
1428 - New SELinux API
1429 - Updated CK-base
1430 - Updated GRSec
1431 - Systrace
1432 - SuperFreeS/WAN 1.99.8
1433 - Propolice kernel build support
1434 - EVMS
1435 - Other various security related patches
1436
1437 *hardened-sources-2.4.21 (14 Sep 2003)
1438
1439 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1440 Updated hardened-sources based on the 2.4.21 Linux kernel.
1441 This includes updates to most major components such as:
1442 - ck-base-0306300059
1443 - selinux-2.4-2003071106
1444 - grsecurity-2.0-rc1
1445 - Updated IPTables patch-o-matic
1446 - Updated SuperFreeS/WAN
1447
1448 Thanks to Phil West <pwest@computer.org> for his work in getting this
1449 updated patch set ready for the 2.4.21 based kernel.
1450
1451 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1452 Initial import of hardened-sources-2.4.20-r4. This revision
1453 includes only a few changes, but one of these is an important
1454 security fix. It is recommended all users of hardened-sources
1455 upgrade to this release.
1456
1457 - ioperm bug fix
1458 - fixed compilation failure when building without GRSec
1459
1460 SAL (Secure Auditing for Linux) is NOT included in this revision
1461 due to time constraints, but is planned for inclusion in the near
1462 future.
1463
1464 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1465
1466 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1467 hardened-sources-2.4.20-r3.ebuild:
1468 Add Header...
1469
1470 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1471 hardened-sources-2.4.20-r3.ebuild:
1472 Removed warnings from ebuild. This kernel should be safe to
1473 use at this point.
1474
1475 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1476
1477 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1478 hardened-sources-2.4.20-r3.ebuild:
1479 New revision. Includes the following changes over -r2:
1480
1481 - ck7-base (O(1), preempt, low latency)
1482 - Super FreeS/WAN 1.99.7rc2
1483 - PaX for the LSM/SELinux branch
1484 - GRSecurity 2.0-pre4 (role based access control)
1485 - Systrace 1.3
1486 - EXT3 fixes
1487 - EVMS 2.0.1
1488 - GCC 3.1+ compile optimizations
1489 - ProPolice kernel build support
1490 - Hashing table security fixes
1491
1492 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1493
1494 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1495 Initial import of hardened-sources-r2. This new
1496 ebuild includes many new performance and security
1497 related patches. As in -r1, it will patch in
1498 LSM/SELinux if "selinux" is in USE, otherwise it
1499 will patch in GRSecurity. The following patches
1500 are included in this revision:
1501
1502 - O(1) Scheduler, Low Latency, and Preempt
1503 (pulled from the base CK patch)
1504 - ptrace exploit patch for the LSM kernel
1505 (the GRSec patch already fixes this)
1506 - LSM 2.4-2003040709
1507 - SELinux 2.4-2003040709
1508 - Systrace v1.2
1509 - IPTables patch-o-matic base patches - 20030107
1510 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1511 - Super FreeS/WAN 1.99.6.1
1512 - GRSecurity 1.9.9g
1513 - MPPE
1514 - EXT3 data journal fix
1515 - CIPE 1.5.4
1516
1517 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1518 hardened-sources-2.4.20-r1.ebuild, manifest:
1519 Updated to install flask components correctly for selinux.
1520
1521 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1522 hardened-sources-2.4.20-r1.ebuild:
1523 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1524 is patched in instead. Ptrace patches for selinux have also been added. In
1525 either case, systrace support will be patched in as well.
1526
1527 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1528 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1529 Revision bump for new sources.
1530
1531 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1532 hardened-sources-2.4.20-r1.ebuild:
1533 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1534
1535 *hardened-sources-2.4.20 (30 Mar 2003)
1536
1537 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1538 hardened-sources-2.4.20.ebuild:
1539 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20