/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.296 - (show annotations) (download)
Tue Mar 17 03:04:45 2009 UTC (5 years, 4 months ago) by gengor
Branch: MAIN
Changes since 1.295: +5 -1 lines
Quick stable sys-kernel/hardened-sources-2.6.28-r3 on amd64/x86 - critical fixes
(Portage version: 2.1.6.7/cvs/Linux i686)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.295 2009/03/15 06:18:05 gengor Exp $
4
5 17 Mar 2009; Gordon Malm <gengor@gentoo.org>
6 hardened-sources-2.6.28-r3.ebuild:
7 Quick stable amd64/x86.
8
9 *hardened-sources-2.6.28-r3 (15 Mar 2009)
10
11 15 Mar 2009; Gordon Malm <gengor@gentoo.org>
12 +hardened-sources-2.6.28-r3.ebuild:
13 Adds latest PaX changes fixing some boot issues, ext4 fixes for bug #262507.
14
15 14 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r2.ebuild:
16 ppc stable
17
18 13 Mar 2009; Gordon Malm <gengor@gentoo.org>
19 hardened-sources-2.6.28-r2.ebuild:
20 Stable amd64/x86.
21
22 *hardened-sources-2.6.28-r2 (11 Mar 2009)
23
24 11 Mar 2009; Gordon Malm <gengor@gentoo.org>
25 +hardened-sources-2.6.28-r2.ebuild:
26 Version bump bringing in latest grsecurity patch.
27
28 *hardened-sources-2.6.28-r1 (09 Mar 2009)
29
30 09 Mar 2009; Gordon Malm <gengor@gentoo.org>
31 -hardened-sources-2.6.28.ebuild, +hardened-sources-2.6.28-r1.ebuild:
32 Version bump and remove old.
33
34 07 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.27-r8.ebuild:
35 ppc stable
36
37 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
38 hardened-sources-2.6.27-r8.ebuild:
39 Remove amd64 testing keyword, bug 256226.
40
41 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
42 hardened-sources-2.6.27-r8.ebuild:
43 Revert amd64 stable, bug #256226.
44
45 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
46 hardened-sources-2.6.27-r8.ebuild:
47 Stable on amd64/x86.
48
49 24 Feb 2009; Gordon Malm <gengor@gentoo.org>
50 -hardened-sources-2.6.27-r6.ebuild:
51 Remove old 2.6.27 release.
52
53 *hardened-sources-2.6.27-r8 (24 Feb 2009)
54
55 24 Feb 2009; Gordon Malm <gengor@gentoo.org>
56 +hardened-sources-2.6.27-r8.ebuild:
57 Bump to latest genpatches, Linux 2.6.27.19, PaX updates. Fixes bug #256067
58 and probably more.
59
60 04 Feb 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.26-r9.ebuild:
61 ppc stable
62
63 *hardened-sources-2.6.28 (25 Jan 2009)
64
65 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
66 +hardened-sources-2.6.28.ebuild:
67 Initial 2.6.28 release.
68
69 *hardened-sources-2.6.27-r7 (25 Jan 2009)
70
71 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
72 +hardened-sources-2.6.27-r7.ebuild:
73 Bump to Linux 2.6.27.13.
74
75 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
76 hardened-sources-2.6.26-r9.ebuild:
77 Stable amd64/x86.
78
79 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
80 -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
81 -hardened-sources-2.6.27-r5.ebuild:
82 Remove problem versions.
83
84 *hardened-sources-2.6.27-r6 (24 Jan 2009)
85
86 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
87 +hardened-sources-2.6.27-r6.ebuild:
88 Revert PaX test29 to test30 changes. Fixes bug 256226.
89
90 *hardened-sources-2.6.27-r5 (24 Jan 2009)
91
92 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
93 +hardened-sources-2.6.27-r5.ebuild:
94 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
95 254843.
96
97 23 Jan 2009; Gordon Malm <gengor@gentoo.org>
98 -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
99 -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
100 Remove problem versions.
101
102 23 Jan 2009; nixnut <nixnut@gentoo.org>
103 hardened-sources-2.6.25-r13.ebuild:
104 ppc stable
105
106 21 Jan 2009; Gordon Malm <gengor@gentoo.org>
107 hardened-sources-2.6.25-r13.ebuild:
108 Fasttrack stable amd64/x86.
109
110 *hardened-sources-2.6.26-r9 (21 Jan 2009)
111
112 21 Jan 2009; Gordon Malm <gengor@gentoo.org>
113 +hardened-sources-2.6.26-r9.ebuild:
114 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
115
116 *hardened-sources-2.6.25-r13 (20 Jan 2009)
117
118 20 Jan 2009; Gordon Malm <gengor@gentoo.org>
119 +hardened-sources-2.6.25-r13.ebuild:
120 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
121
122 20 Jan 2009; nixnut <nixnut@gentoo.org>
123 hardened-sources-2.6.25-r12.ebuild:
124 ppc stable
125
126 17 Jan 2009; Gordon Malm <gengor@gentoo.org>
127 hardened-sources-2.6.25-r12.ebuild:
128 Stable amd64/x86.
129
130 14 Jan 2009; Gordon Malm <gengor@gentoo.org>
131 -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
132 -hardened-sources-2.6.27-r2.ebuild:
133 Clean out old versions.
134
135 *hardened-sources-2.6.27-r4 (14 Jan 2009)
136 *hardened-sources-2.6.26-r8 (14 Jan 2009)
137 *hardened-sources-2.6.25-r12 (14 Jan 2009)
138
139 14 Jan 2009; Gordon Malm <gengor@gentoo.org>
140 +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
141 +hardened-sources-2.6.27-r4.ebuild:
142 2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
143 2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
144 2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
145 grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
146
147 15 Dec 2008; nixnut <nixnut@gentoo.org>
148 hardened-sources-2.6.25-r11.ebuild:
149 Stable on ppc
150
151 09 Dec 2008; Gordon Malm <gengor@gentoo.org>
152 hardened-sources-2.6.25-r11.ebuild:
153 Stable amd64/x86.
154
155 *hardened-sources-2.6.27-r3 (07 Dec 2008)
156
157 07 Dec 2008; Gordon Malm <gengor@gentoo.org>
158 +hardened-sources-2.6.27-r3.ebuild:
159 Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
160 Fixes bug #248754, #249729 and #246607.
161
162 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
163 -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
164 Remove old versions.
165
166 *hardened-sources-2.6.26-r7 (03 Dec 2008)
167 *hardened-sources-2.6.25-r11 (03 Dec 2008)
168
169 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
170 +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
171 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
172 2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
173 Both include many backports from 2.6.27.{6,7} -stable releases.
174
175 24 Nov 2008; Gordon Malm <gengor@gentoo.org>
176 -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
177 Remove versions broken on ARCHes != x86/amd64.
178
179 *hardened-sources-2.6.27-r2 (24 Nov 2008)
180
181 24 Nov 2008; Gordon Malm <gengor@gentoo.org>
182 +hardened-sources-2.6.27-r2.ebuild:
183 Bump to Linux 2.6.27.7 and latest grsecurity patch.
184
185 19 Nov 2008; Gordon Malm <gengor@gentoo.org>
186 -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
187 Remove old versions.
188
189 19 Nov 2008; Gordon Malm <gengor@gentoo.org>
190 hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
191 Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
192
193 16 Nov 2008; nixnut <nixnut@gentoo.org>
194 hardened-sources-2.6.25-r10.ebuild:
195 Stable on ppc
196
197 15 Nov 2008; Gordon Malm <gengor@gentoo.org>
198 hardened-sources-2.6.25-r10.ebuild:
199 Stable amd64/x86.
200
201 *hardened-sources-2.6.26-r6 (12 Nov 2008)
202
203 12 Nov 2008; Gordon Malm <gengor@gentoo.org>
204 +hardened-sources-2.6.26-r6.ebuild:
205 Bump to Linux 2.6.26.8 and fix security bug #245650.
206
207 *hardened-sources-2.6.25-r10 (12 Nov 2008)
208
209 12 Nov 2008; Gordon Malm <gengor@gentoo.org>
210 +hardened-sources-2.6.25-r10.ebuild:
211 Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
212
213 *hardened-sources-2.6.27-r1 (09 Nov 2008)
214
215 09 Nov 2008; Gordon Malm <gengor@gentoo.org>
216 +hardened-sources-2.6.27-r1.ebuild:
217 Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
218
219 *hardened-sources-2.6.27 (04 Nov 2008)
220
221 04 Nov 2008; Gordon Malm <gengor@gentoo.org>
222 +hardened-sources-2.6.27.ebuild:
223 Initial 2.6.27 release.
224
225 *hardened-sources-2.6.26-r5 (03 Nov 2008)
226
227 03 Nov 2008; Gordon Malm <gengor@gentoo.org>
228 -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
229 +hardened-sources-2.6.26-r5.ebuild:
230 2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
231 Clean out some old versions.
232
233 02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
234 Stable on ppc
235
236 30 Oct 2008; Gordon Malm <gengor@gentoo.org>
237 hardened-sources-2.6.25-r9.ebuild:
238 Stable on amd64/x86.
239
240 *hardened-sources-2.6.25-r9 (26 Oct 2008)
241
242 26 Oct 2008; Gordon Malm <gengor@gentoo.org>
243 +hardened-sources-2.6.25-r9.ebuild:
244 Update to Linux 2.6.25.19
245
246 15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
247 Stable on ppc
248
249 *hardened-sources-2.6.26-r4 (14 Oct 2008)
250
251 14 Oct 2008; Gordon Malm <gengor@gentoo.org>
252 -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
253 Update to latest grsecurity patch, fixing building of non-modular kernels.
254
255 *hardened-sources-2.6.26-r3 (12 Oct 2008)
256
257 12 Oct 2008; Gordon Malm <gengor@gentoo.org>
258 hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
259 +hardened-sources-2.6.26-r3.ebuild:
260 2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
261 2.6.26-r1: Removed.
262 2.6.25-r8: Stable amd64/x86.
263
264 *hardened-sources-2.6.25-r8 (09 Oct 2008)
265
266 09 Oct 2008; Gordon Malm <gengor@gentoo.org>
267 -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
268 -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
269 Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
270
271 20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
272 Stable on ppc
273
274 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
275 hardened-sources-2.6.25-r7.ebuild:
276 Stable amd64/x86.
277
278 *hardened-sources-2.6.26-r2 (13 Sep 2008)
279
280 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
281 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
282 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
283 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
284
285 *hardened-sources-2.6.25-r7 (13 Sep 2008)
286
287 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
288 +hardened-sources-2.6.25-r7.ebuild:
289 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
290
291 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
292 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
293 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
294 hardened-sources-2.6.26-r1.ebuild:
295 Update DESCRIPTION and HGPV_URI.
296
297 *hardened-sources-2.6.25-r6 (09 Sep 2008)
298
299 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
300 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
301 2.6.25-r6: Update to Linux 2.6.25.17.
302 2.6.24-r3: Removed.
303
304 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
305 hardened-sources-2.6.25-r5.ebuild:
306 Stable on amd64/x86
307
308 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
309 Update my email address.
310
311 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
312 stable on ppc
313
314 *hardened-sources-2.6.26-r1 (23 Aug 2008)
315 *hardened-sources-2.6.25-r5 (23 Aug 2008)
316
317 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
318 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
319 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
320 +hardened-sources-2.6.26-r1.ebuild:
321 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
322 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
323 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
324 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
325 (gengor).
326
327 *hardened-sources-2.6.26 (18 Aug 2008)
328 *hardened-sources-2.6.25-r4 (18 Aug 2008)
329
330 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
331 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
332 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
333 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
334 2.6.25-r2: Removed.
335
336 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
337 Remove phreak from metadata.xml (#96398)
338
339 *hardened-sources-2.6.25-r3 (31 Jul 2008)
340
341 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
342 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
343 +hardened-sources-2.6.25-r3.ebuild:
344 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
345 fixes, including security bug #231750.
346
347 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
348 Stable on ppc
349
350 *hardened-sources-2.6.25-r2 (05 Jul 2008)
351
352 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
353 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
354 +hardened-sources-2.6.25-r2.ebuild:
355 2.6.23-r4: Stable x86/amd64
356 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
357 2.6.23-r{11,12}: Removed due to multiple vulns.
358 (gengor & kerframil)
359
360 04 Jul 2008; nixnut <nixnut@gentoo.org>
361 hardened-sources-2.6.23-r13.ebuild:
362 Stable on ppc
363
364 *hardened-sources-2.6.25-r1 (30 Jun 2008)
365
366 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
367 +hardened-sources-2.6.25-r1.ebuild:
368 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
369 grsecurity release. 2.6.23-r13: x86/amd64 stable
370
371 *hardened-sources-2.6.25 (17 Jun 2008)
372 *hardened-sources-2.6.24-r3 (17 Jun 2008)
373 *hardened-sources-2.6.23-r13 (17 Jun 2008)
374
375 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
376 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
377 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
378 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
379 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
380 2.6.25: Initial 2.6.25 release.
381
382 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
383 - fasttrack to stable x86/amd64
384
385 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
386 Fix broken digest for linux-2.6.24.tar.bz2.
387
388 *hardened-sources-2.6.24-r2 (11 May 2008)
389 *hardened-sources-2.6.23-r12 (11 May 2008)
390
391 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
392 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
393 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
394 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
395 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
396 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
397 security bugs 219901, 220691, 220975, 220979, 221123. New
398 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
399 should be removed as far as I'm concerned, everything else remove due to
400 vulnerable to numerous security bugs or brokeness.
401
402 10 May 2008; nixnut <nixnut@gentoo.org>
403 hardened-sources-2.6.23-r11.ebuild:
404 Stable on ppc
405
406 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
407 - -r11 stable on x86/amd64
408
409 *hardened-sources-2.6.23-r11 (01 May 2008)
410
411 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
412 - version bump to fix ulgy linux bugs
413
414 *hardened-sources-2.6.24-r1 (30 Apr 2008)
415
416 30 Apr 2008; Christian Heim <phreak@gentoo.org>
417 +hardened-sources-2.6.24-r1.ebuild:
418 Revision bump (thanks to Kerin and Gordon, again), pulling
419 genpatches-2.6.24-7, solving #219089. Additionally contains further security
420 fixes plus some minor updates.
421
422 *hardened-sources-2.6.23-r10 (30 Apr 2008)
423
424 30 Apr 2008; Christian Heim <phreak@gentoo.org>
425 +hardened-sources-2.6.23-r10.ebuild:
426 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
427 Additional contains "various other fixes".
428
429 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
430 Update the longdescription in metadata, thanks to Gordon Malm.
431
432 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
433 Stable on ppc wrt bug #213255
434
435 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
436 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
437 - stable on x86/amd64 per request. Removed obsolete ebuilds
438
439 *hardened-sources-2.6.24 (07 Apr 2008)
440
441 07 Apr 2008; Christian Heim <phreak@gentoo.org>
442 +hardened-sources-2.6.24.ebuild:
443 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
444 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
445 for the many contributions and their continued effort in #216612) based on
446 2.6.24 and genpatches-2.6.24-5.
447
448 The current ebuild/patchset contains these things:
449 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
450 * Introduces bespoke server and workstation oriented security levels
451 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
452
453 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
454 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
455 maintaining it).
456
457 24 Mar 2008; Christian Heim <phreak@gentoo.org>
458 hardened-sources-2.4.35-r2.ebuild:
459 Fixing SRC_URI for 2.4.35-r2.
460
461 *hardened-sources-2.6.23-r9 (22 Mar 2008)
462
463 22 Mar 2008; Christian Heim <phreak@gentoo.org>
464 +hardened-sources-2.6.23-r9.ebuild:
465 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
466 * Change the default GIDs for some grsecurity options
467 * Revamp the Hardened [Gentoo] security level and make it the default level
468 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
469 * Fix a recursive lock -- call to capable() within ptrace_attach()
470 * Fix bug that allows audit and iscsi operations to be controlled via netlink
471
472 *hardened-sources-2.6.23-r8 (27 Feb 2008)
473
474 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
475 - version bump from Kerin Millar bug 210026
476
477 17 Feb 2008; <solar@gentoo.org> metadata.xml,
478 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
479 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
480 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
481 - stable on x86 and remove old ebuilds
482
483 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
484 - stable on amd64 per request of amd64 lead
485
486 *hardened-sources-2.6.23-r7 (11 Feb 2008)
487
488 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
489 - version bump from kerin.millar
490 Changes:
491
492 * Bump to genpatches-base-2.6.23-9
493 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
494 * Disables COMPAT_VDSO in x86/defconfig
495 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
496
497 25 Jan 2008; Christian Heim <phreak@gentoo.org>
498 -hardened-sources-2.6.22-r8.ebuild:
499 Cleaning up old versions.
500
501 *hardened-sources-2.6.23-r6 (25 Jan 2008)
502
503 25 Jan 2008; Christian Heim <phreak@gentoo.org>
504 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
505 Revision bump, pulling in the latest genpatches.
506
507 *hardened-sources-2.6.23-r5 (24 Dec 2007)
508
509 24 Dec 2007; Christian Heim <phreak@gentoo.org>
510 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
511 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
512 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
513 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
514
515 24 Dec 2007; Christian Heim <phreak@gentoo.org>
516 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
517 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
518 -hardened-sources-2.6.23-r3.ebuild:
519 Cleaning out some unused, old versions.
520
521 24 Dec 2007; Christian Heim <phreak@gentoo.org>
522 hardened-sources-2.6.23-r4.ebuild:
523 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
524 in the tree for long, but there isn't much of a difference between this and
525 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
526
527 *hardened-sources-2.6.23-r4 (23 Dec 2007)
528
529 23 Dec 2007; Christian Heim <phreak@gentoo.org>
530 +hardened-sources-2.6.23-r4.ebuild:
531 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
532
533 *hardened-sources-2.6.23-r3 (04 Dec 2007)
534
535 04 Dec 2007; Christian Heim <phreak@gentoo.org>
536 +hardened-sources-2.6.23-r3.ebuild:
537 Revision bump, pulling in 2.6.23.9.
538
539 *hardened-sources-2.6.23-r2 (25 Nov 2007)
540
541 25 Nov 2007; Christian Heim <phreak@gentoo.org>
542 +hardened-sources-2.6.23-r2.ebuild:
543 Updated patchset, thanks to solar.
544
545 *hardened-sources-2.6.23-r1 (31 Oct 2007)
546
547 31 Oct 2007; Christian Heim <phreak@gentoo.org>
548 +hardened-sources-2.6.23-r1.ebuild:
549 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
550
551 29 Oct 2007; <solar@gentoo.org> metadata.xml:
552 - update metadata.xml
553
554 25 Oct 2007; Christian Heim <phreak@gentoo.org>
555 hardened-sources-2.6.22-r8.ebuild:
556 Marking 2.6.22-r8 stable on amd64 and x86.
557
558 21 Oct 2007; Christian Heim <phreak@gentoo.org>
559 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
560 -hardened-sources-2.6.21-r4.ebuild:
561 Removing old ebuilds.
562
563 *hardened-sources-2.4.35-r2 (21 Oct 2007)
564
565 21 Oct 2007; Christian Heim <phreak@gentoo.org>
566 +hardened-sources-2.4.35-r2.ebuild:
567 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
568 patches.
569
570 *hardened-sources-2.6.22-r8 (21 Oct 2007)
571
572 21 Oct 2007; Christian Heim <phreak@gentoo.org>
573 +hardened-sources-2.6.22-r8.ebuild:
574 Yet another new patch, hopefully fixing the remaining issues we had w/
575 2.6.22. Candidate for stabling.
576
577 *hardened-sources-2.6.23 (13 Oct 2007)
578
579 13 Oct 2007; Christian Heim <phreak@gentoo.org>
580 +hardened-sources-2.6.23.ebuild:
581 Initial hardened-sources-2.6.23. If people still have problems w/ bug
582 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
583
584 11 Oct 2007; Christian Heim <phreak@gentoo.org>
585 hardened-sources-2.6.20-r10.ebuild:
586 Pulling in yet another new genpatches version, fixing the PWC bug for real.
587
588 04 Oct 2007; Christian Heim <phreak@gentoo.org>
589 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
590 Removing old versions.
591
592 *hardened-sources-2.6.22-r7 (01 Oct 2007)
593
594 01 Oct 2007; Christian Heim <phreak@gentoo.org>
595 +hardened-sources-2.6.22-r7.ebuild:
596 Revision bump, pulling in a newer patch. Should fix #194276.
597
598 30 Sep 2007; Christian Heim <phreak@gentoo.org>
599 hardened-sources-2.6.20-r10.ebuild:
600 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
601 Mike Doty).
602
603 *hardened-sources-2.6.22-r6 (26 Sep 2007)
604
605 26 Sep 2007; Christian Heim <phreak@gentoo.org>
606 +hardened-sources-2.6.22-r6.ebuild:
607 Revision bump, grabbing up till Linux 2.6.22.9.
608
609 24 Sep 2007; Christian Heim <phreak@gentoo.org>
610 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
611 Cleaning up further.
612
613 *hardened-sources-2.6.20-r10 (24 Sep 2007)
614
615 24 Sep 2007; Christian Heim <phreak@gentoo.org>
616 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
617 +hardened-sources-2.6.20-r10.ebuild:
618 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
619 revisions.
620
621 *hardened-sources-2.6.22-r5 (22 Sep 2007)
622
623 22 Sep 2007; Christian Heim <phreak@gentoo.org>
624 +hardened-sources-2.6.22-r5.ebuild:
625 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
626
627 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
628 Removing johnm from metadata.xml (see #186467 for reference).
629
630 *hardened-sources-2.6.22-r4 (17 Sep 2007)
631
632 17 Sep 2007; Christian Heim <phreak@gentoo.org>
633 +hardened-sources-2.6.22-r4.ebuild:
634 Revision bump, hopefully fixing all those weird PAX failures.
635
636 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
637 Updating the metadata.xml.
638
639 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
640 Removing tocharian from metadata due to his retirement (see #71718 for
641 reference).
642
643 *hardened-sources-2.6.20-r9 (30 Aug 2007)
644
645 30 Aug 2007; Christian Heim <phreak@gentoo.org>
646 +hardened-sources-2.6.20-r9.ebuild:
647 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
648
649 29 Aug 2007; Christian Heim <phreak@gentoo.org>
650 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
651 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
652 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
653 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
654 -hardened-sources-2.6.22-r2.ebuild:
655 Removing some redundant versions.
656
657 *hardened-sources-2.4.35-r1 (29 Aug 2007)
658
659 29 Aug 2007; Christian Heim <phreak@gentoo.org>
660 +hardened-sources-2.4.35-r1.ebuild:
661 Revision bump, new grsecurity patch.
662
663 *hardened-sources-2.6.20-r8 (26 Aug 2007)
664
665 26 Aug 2007; Christian Heim <phreak@gentoo.org>
666 +hardened-sources-2.6.20-r8.ebuild:
667 Revision bump for Linux 2.6.20.17.
668
669 *hardened-sources-2.6.22-r3 (22 Aug 2007)
670
671 22 Aug 2007; Christian Heim <phreak@gentoo.org>
672 +hardened-sources-2.6.22-r3.ebuild:
673 Revision bump for Linux 2.6.22.4.
674
675 16 Aug 2007; Christian Heim <phreak@gentoo.org>
676 hardened-sources-2.6.22-r2.ebuild:
677 Updated patchset, to fix the alignment against 2.6.22.3.
678
679 *hardened-sources-2.6.22-r2 (16 Aug 2007)
680
681 16 Aug 2007; Christian Heim <phreak@gentoo.org>
682 +hardened-sources-2.6.22-r2.ebuild:
683 Revision bump for Linux 2.6.22.3.
684
685 *hardened-sources-2.4.35 (16 Aug 2007)
686
687 16 Aug 2007; Christian Heim <phreak@gentoo.org>
688 +hardened-sources-2.4.35.ebuild:
689 Version bump, initial version for Linux 2.4.35.
690
691 *hardened-sources-2.6.21-r4 (16 Aug 2007)
692
693 16 Aug 2007; Christian Heim <phreak@gentoo.org>
694 +hardened-sources-2.6.21-r4.ebuild:
695 Revision bump for Linux 2.6.21.6.
696
697 *hardened-sources-2.6.20-r7 (16 Aug 2007)
698
699 16 Aug 2007; Christian Heim <phreak@gentoo.org>
700 +hardened-sources-2.6.20-r7.ebuild:
701 Revision bump for Linux 2.6.20.16.
702
703 *hardened-sources-2.6.22-r1 (13 Aug 2007)
704
705 13 Aug 2007; Christian Heim <phreak@gentoo.org>
706 +hardened-sources-2.6.22-r1.ebuild:
707 Yet another revision bump.
708
709 *hardened-sources-2.6.22 (10 Aug 2007)
710
711 10 Aug 2007; Christian Heim <phreak@gentoo.org>
712 +hardened-sources-2.6.22.ebuild:
713 Initial release for 2.6.22. If you are using hardened-sources on a desktop
714 machine (P4 or newer), be aware you might need to disable
715 CONFIG_PAX_PAGEEXEC.
716
717 04 Aug 2007; Christian Heim <phreak@gentoo.org>
718 hardened-sources-2.6.20-r6.ebuild:
719 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
720 2.6.20.15.
721
722 10 Jul 2007; Christian Heim <phreak@gentoo.org>
723 hardened-sources-2.6.20-r5.ebuild:
724 Marking hardened-sources-2.6.20-r5 stable on ppc.
725
726 10 Jul 2007; Christian Heim <phreak@gentoo.org>
727 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
728 Cleanup.
729
730 *hardened-sources-2.6.20-r6 (08 Jul 2007)
731
732 08 Jul 2007; Christian Heim <phreak@gentoo.org>
733 +hardened-sources-2.6.20-r6.ebuild:
734 Revision bump, grabbing yet another stable release.
735
736 17 Jun 2007; Christian Heim <phreak@gentoo.org>
737 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
738 -hardened-sources-2.6.21-r2.ebuild:
739 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
740 alpha stable KEYWORD by mistake.
741
742 17 Jun 2007; Christian Heim <phreak@gentoo.org>
743 hardened-sources-2.6.20-r5.ebuild:
744 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
745 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
746
747 *hardened-sources-2.6.21-r3 (12 Jun 2007)
748
749 12 Jun 2007; Christian Heim <phreak@gentoo.org>
750 +hardened-sources-2.6.21-r3.ebuild:
751 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
752 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
753 love.
754
755 *hardened-sources-2.6.20-r5 (11 Jun 2007)
756
757 11 Jun 2007; Christian Heim <phreak@gentoo.org>
758 +hardened-sources-2.6.20-r5.ebuild:
759 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
760 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
761 love.
762
763 *hardened-sources-2.4.34.5 (11 Jun 2007)
764
765 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
766 +hardened-sources-2.4.34.5.ebuild:
767 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
768
769 30 May 2007; Christian Heim <phreak@gentoo.org>
770 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
771 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
772 stale ebuild(s).
773
774 30 May 2007; Christian Heim <phreak@gentoo.org>
775 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
776 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
777 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
778 Doing some cleanups, remove stale ebuilds.
779
780 26 May 2007; Christian Heim <phreak@gentoo.org>
781 hardened-sources-2.6.21-r2.ebuild:
782 Fixing the grsecurity patch, had one '};' too much.
783
784 *hardened-sources-2.6.21-r2 (26 May 2007)
785
786 26 May 2007; Christian Heim <phreak@gentoo.org>
787 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
788 +hardened-sources-2.6.21-r2.ebuild:
789 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
790 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
791
792 *hardened-sources-2.6.20-r4 (26 May 2007)
793
794 26 May 2007; Christian Heim <phreak@gentoo.org>
795 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
796 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
797 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
798
799 15 May 2007; Christian Heim <phreak@gentoo.org>
800 hardened-sources-2.6.20-r3.ebuild:
801 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
802 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
803 grsecurity patch fail in that exact same hunk.
804
805 *hardened-sources-2.6.20-r3 (15 May 2007)
806
807 15 May 2007; Christian Heim <phreak@gentoo.org>
808 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
809 Revision bump, incorporating Linux 2.6.20.11.
810
811 *hardened-sources-2.6.21-r1 (11 May 2007)
812
813 11 May 2007; Christian Heim <phreak@gentoo.org>
814 +hardened-sources-2.6.21-r1.ebuild:
815 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
816 mentioned in #177234.
817
818 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
819 files/digest-hardened-sources-2.6.21, Manifest:
820 Fix Manifest/digest for linux-2.6.21.tar.bz2
821
822 06 May 2007; Christian Heim <phreak@gentoo.org>
823 hardened-sources-2.6.21.ebuild:
824 Bumping the hardened-patches version, needed for the fix for #177234.
825
826 *hardened-sources-2.6.21 (02 May 2007)
827
828 02 May 2007; Christian Heim <phreak@gentoo.org>
829 +hardened-sources-2.6.21.ebuild:
830 Version bump, Linux 2.6.21-hardened.
831
832 29 Apr 2007; Christian Heim <phreak@gentoo.org>
833 hardened-sources-2.6.20-r2.ebuild:
834 Adding ~ia64 on Ned's request.
835
836 29 Apr 2007; Christian Heim <phreak@gentoo.org>
837 hardened-sources-2.6.20-r2.ebuild:
838 Fixing the included grsecurity patch, wasn't alligning due to the Index:
839 header line(s).
840
841 29 Apr 2007; Christian Heim <phreak@gentoo.org>
842 hardened-sources-2.6.20-r2.ebuild:
843 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
844
845 *hardened-sources-2.6.20-r2 (10 Apr 2007)
846
847 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
848 +hardened-sources-2.6.20-r2.ebuild:
849 Version bump, on behalf of phreak
850
851 *hardened-sources-2.6.20-r1 (04 Apr 2007)
852
853 04 Apr 2007; Christian Heim <phreak@gentoo.org>
854 +hardened-sources-2.6.20-r1.ebuild:
855 Revision bump, grabbing a newer grsecurity snapshot.
856
857 *hardened-sources-2.6.20 (25 Mar 2007)
858
859 25 Mar 2007; Christian Heim <phreak@gentoo.org>
860 +hardened-sources-2.6.20.ebuild:
861 Finally a hardened-sources version for 2.6.20; many people have been waiting
862 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
863 testbox.
864
865 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
866 hardened-sources-2.6.18-r6.ebuild:
867 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
868
869 *hardened-sources-2.6.18-r6 (16 Mar 2007)
870
871 16 Mar 2007; Christian Heim <phreak@gentoo.org>
872 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
873 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
874 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
875 supposed to be.
876
877 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
878 Fixing the Manifest, the previous one was broken (as in still had the
879 deleted ebuild in it).
880
881 06 Mar 2007; Christian Heim <phreak@gentoo.org>
882 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
883 +hardened-sources-2.6.18-r5.ebuild:
884 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
885 Linux 2.6.18.8. Also cleaning up the older version.
886
887 *hardened-sources-2.6.18-r5 (06 Mar 2007)
888
889 06 Mar 2007; Christian Heim <phreak@gentoo.org>
890 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
891 +hardened-sources-2.6.18-r5.ebuild:
892 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
893 Linux 2.6.18.8. Also cleaning up the older version.
894
895 24 Feb 2007; Christian Heim <phreak@gentoo.org>
896 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
897 -hardened-sources-2.6.19-r5.ebuild:
898 Removing some of the old version, that didn't work.
899
900 *hardened-sources-2.6.19-r6 (12 Feb 2007)
901
902 12 Feb 2007; Christian Heim <phreak@gentoo.org>
903 +hardened-sources-2.6.19-r6.ebuild:
904 Revision bump, including a new grsec version fixing #166235.
905
906 *hardened-sources-2.4.34 (24 Jan 2007)
907
908 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
909 Manifest:
910 updating Manifest with checksums of new tarball and ebuild
911
912 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
913 +hardened-sources-2.4.34.ebuild:
914 I added new hardened sources 2.4 update, this is a critical path
915 security bugfix - all users of h-s are strongly advised
916 to update their existing hardened sources to this version.
917 It contains a fix for a kernel vulnerability that is pertaining
918 to the PaX changes to virtual memory management, possibly leading
919 to a local kernel exploit ... see grsecurity.net forums and homepage
920
921 23 Jan 2007; Christian Heim <phreak@gentoo.org>
922 files/digest-hardened-sources-2.6.19-r5, Manifest:
923 Fixing the patch-tarball digest.
924
925 *hardened-sources-2.6.19-r5 (23 Jan 2007)
926
927 23 Jan 2007; Christian Heim <phreak@gentoo.org>
928 +hardened-sources-2.6.19-r5.ebuild:
929 Revision bump, closing the recently discovered PaX expand_stack()
930 vulnerability.
931
932 *hardened-sources-2.6.19-r4 (14 Jan 2007)
933
934 14 Jan 2007; Christian Heim <phreak@gentoo.org>
935 +hardened-sources-2.6.19-r4.ebuild:
936 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
937 dropping the randomized PID feature.
938
939 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
940 hardened-sources-2.4.33.4.ebuild:
941 stable x86, bug #161171
942
943 *hardened-sources-2.6.19-r3 (27 Dec 2006)
944
945 27 Dec 2006; Christian Heim <phreak@gentoo.org>
946 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
947 Revision bump for bug #157186 and #158786.
948
949 *hardened-sources-2.6.18-r4 (27 Dec 2006)
950
951 27 Dec 2006; Christian Heim <phreak@gentoo.org>
952 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
953 Revision bump for bug #157186.
954
955 *hardened-sources-2.6.19-r2 (23 Dec 2006)
956
957 23 Dec 2006; Christian Heim <phreak@gentoo.org>
958 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
959 Revision bump to pull in genpatches-2.6.19-3 for #157186.
960
961 17 Dec 2006; Christian Heim <phreak@gentoo.org>
962 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
963 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
964 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
965 hardened-sources-2.6.19-r1.ebuild:
966 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
967 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
968
969 *hardened-sources-2.4.33.4 (17 Dec 2006)
970
971 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
972 +hardened-sources-2.4.33.4.ebuild:
973 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
974 and quilting
975
976 *hardened-sources-2.6.19-r1 (14 Dec 2006)
977
978 14 Dec 2006; Christian Heim <phreak@gentoo.org>
979 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
980 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
981 for reporting).
982
983 *hardened-sources-2.6.19 (13 Dec 2006)
984
985 13 Dec 2006; Christian Heim <phreak@gentoo.org>
986 +hardened-sources-2.6.19.ebuild:
987 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
988 Brad for providing that prompt update.
989
990 *hardened-sources-2.6.18-r3 (13 Dec 2006)
991
992 13 Dec 2006; Christian Heim <phreak@gentoo.org>
993 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
994 +hardened-sources-2.6.18-r3.ebuild:
995 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
996 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
997
998 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
999 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
1000
1001 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
1002 Stable on ppc wrt bug 157356
1003
1004 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
1005 hardened-sources-2.6.18.ebuild:
1006 stable x86, bug #157356
1007
1008 *hardened-sources-2.6.18-r2 (06 Dec 2006)
1009
1010 06 Dec 2006; Christian Heim <phreak@gentoo.org>
1011 +hardened-sources-2.6.18-r2.ebuild:
1012 Revision bump, including 2.6.18.5 (via genpatches) and
1013 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
1014 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
1015 redesign.
1016
1017 06 Dec 2006; Christian Heim <phreak@gentoo.org>
1018 hardened-sources-2.6.18.ebuild:
1019 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
1020 of Mike Doty).
1021
1022 *hardened-sources-2.6.18-r1 (23 Nov 2006)
1023
1024 23 Nov 2006; Christian Heim <phreak@gentoo.org>
1025 +hardened-sources-2.6.18-r1.ebuild:
1026 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
1027
1028 *hardened-sources-2.6.18 (11 Nov 2006)
1029
1030 11 Nov 2006; Christian Heim <phreak@gentoo.org>
1031 +hardened-sources-2.6.18.ebuild:
1032 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
1033
1034 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1035 - mark amd64 stable also. bug #151877
1036
1037 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1038 - mark 2.6.17-r1 stable
1039
1040 27 Aug 2006; Christian Heim <phreak@gentoo.org>
1041 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
1042 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
1043
1044 *hardened-sources-2.6.17-r1 (26 Aug 2006)
1045
1046 26 Aug 2006; Christian Heim <phreak@gentoo.org>
1047 +hardened-sources-2.6.17-r1.ebuild:
1048 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
1049 grsecurity patch.
1050
1051 *hardened-sources-2.6.17 (17 Aug 2006)
1052
1053 17 Aug 2006; Christian Heim <phreak@gentoo.org>
1054 +hardened-sources-2.6.17.ebuild:
1055 Bumping the hardened-sources-2.6 series to 2.6.17, using
1056 genpatches-2.6.17-6.base.
1057
1058 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1059 - stable on x86 and amd64
1060
1061 *hardened-sources-2.6.16-r11 (15 Jul 2006)
1062
1063 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1064 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1065 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1066 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1067 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1068 crusty ebuilds
1069
1070 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1071 hardened-sources-2.6.16-r10.ebuild:
1072 marking stable on x86 and amd64
1073
1074 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1075 - 2.4.32-r6 stable on x86. RSBAC state unknown
1076
1077 *hardened-sources-2.4.32-r7 (10 Jul 2006)
1078
1079 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1080 +hardened-sources-2.4.32-r7.ebuild:
1081 Bump PaX for RSBAC to test-17
1082
1083 *hardened-sources-2.6.16-r9 (03 Jul 2006)
1084
1085 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1086 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1087 hardened-sources-2.6.16 bump to latest -base.
1088
1089 *hardened-sources-2.4.32-r6 (30 Jun 2006)
1090
1091 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1092 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1093 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1094 sysctl controlable resource logging
1095
1096 *hardened-sources-2.6.16-r7 (05 Jun 2006)
1097
1098 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1099 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1100 push new 2.6.16 release in preparation for stable
1101
1102 22 May 2006; <solar@gentoo.org> :
1103 - redigest bug 134002
1104
1105 *hardened-sources-2.4.32-r5 (16 May 2006)
1106
1107 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1108 +hardened-sources-2.4.32-r5.ebuild:
1109 Fixes rsbac common patching (new patch in new -r5 patchset)
1110
1111 *hardened-sources-2.4.32-r4 (13 May 2006)
1112
1113 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1114 +hardened-sources-2.4.32-r4.ebuild:
1115 - security bumps
1116
1117 *hardened-sources-2.6.16-r6 (03 May 2006)
1118
1119 03 May 2006; John Mylchreest <johnm@gentoo.org>
1120 +hardened-sources-2.6.16-r6.ebuild:
1121 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1122
1123 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1124 hardened-sources-2.6.14-r8.ebuild:
1125 fix x86_64 build problem, this will delay the digest issue again for a short
1126 while but it will sort itself out
1127
1128 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1129 hardened-sources-2.6.14-r8.ebuild:
1130 bump hardened patchset
1131
1132 27 Apr 2006; Alec Warner <antarus@gentoo.org>
1133 files/digest-hardened-sources-2.4.32-r2,
1134 files/digest-hardened-sources-2.4.32-r3,
1135 files/digest-hardened-sources-2.6.14-r8, Manifest:
1136 Fixing duff SHA256 digests: Bug # 131293
1137
1138 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1139
1140 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1141 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1142 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1143 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1144 cleanup of old uneccessary sources
1145
1146 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1147 fix digest
1148
1149 *hardened-sources-2.6.14-r8 (20 Apr 2006)
1150
1151 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1152 +hardened-sources-2.6.14-r8.ebuild:
1153 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1154
1155 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1156 Turning on gpg-signing again, and recomitting
1157
1158 *hardened-sources-2.6.16-r4 (20 Apr 2006)
1159
1160 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1161 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1162 +hardened-sources-2.6.16-r4.ebuild:
1163 Fix numerous security vulns
1164
1165 *hardened-sources-2.4.32-r3 (16 Apr 2006)
1166
1167 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1168 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1169 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1170 - security bump for bug #112791. Removed old ebuilds
1171
1172 *hardened-sources-2.6.16-r3 (15 Apr 2006)
1173
1174 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1175 +hardened-sources-2.6.16-r3.ebuild:
1176 Removing silly localversion which I missed
1177
1178 *hardened-sources-2.6.14-r7 (14 Apr 2006)
1179
1180 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1181 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1182 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1183
1184 *hardened-sources-2.6.16-r2 (13 Apr 2006)
1185
1186 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1187 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1188 +hardened-sources-2.6.16-r2.ebuild:
1189 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1190 labels, dropping USERGROUP define fixes, since these were merged mainstream.
1191
1192 *hardened-sources-2.6.16-r1 (11 Apr 2006)
1193
1194 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1195 +hardened-sources-2.6.16-r1.ebuild:
1196 Bumping to include ppc build fix and 2.6.16.3
1197
1198 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1199 hardened-sources-2.6.14-r6.ebuild:
1200 Stable on x86; bug #127718
1201
1202 *hardened-sources-2.6.16 (31 Mar 2006)
1203
1204 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1205 +hardened-sources-2.6.16.ebuild:
1206 Bumping to new version of grsec, and kernel base. New squashfs. Based on
1207 2.6.16.1
1208
1209 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1210 hardened-sources-2.6.14-r6.ebuild:
1211 Stable on amd64, bug 127718.
1212
1213 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1214 Stable on ppc. Bug #127718
1215
1216 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1217 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1218 -hardened-sources-2.6.14-r4.ebuild:
1219 Cleanup.
1220
1221 *hardened-sources-2.6.14-r6 (15 Mar 2006)
1222
1223 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1224 +hardened-sources-2.6.14-r6.ebuild:
1225 Fixes grsec policy recreation bug and adds a
1226 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1227
1228 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1229 - stable on x86
1230
1231 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1232 hardened-sources-2.6.14-r5.ebuild:
1233 Stable on ppc.
1234
1235 *hardened-sources-2.6.14-r5 (01 Feb 2006)
1236
1237 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1238 +hardened-sources-2.6.14-r5.ebuild:
1239 fixing every known exploit
1240
1241 *hardened-sources-2.4.32-r2 (26 Jan 2006)
1242
1243 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1244 +hardened-sources-2.4.32-r2.ebuild:
1245 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1246
1247 *hardened-sources-2.6.14-r4 (12 Jan 2006)
1248
1249 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1250 - version bump for new genpatches which fix up a few sec holes
1251
1252 *hardened-sources-2.4.32-r1 (05 Jan 2006)
1253
1254 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1255 - revision bump to add misc vital linux kernel security patches.
1256
1257 *hardened-sources-2.6.14-r3 (30 Dec 2005)
1258
1259 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1260 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1261 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1262
1263 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1264 hardened-sources-2.6.14-r2.ebuild:
1265 making x86 & amd64 stable following testing.
1266
1267 *hardened-sources-2.6.14-r2 (27 Dec 2005)
1268
1269 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1270 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1271 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1272 network hooks.
1273
1274 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1275 hardened-sources-2.6.14-r1.ebuild:
1276 bumping to stable early for sec fix on x86 & amd64
1277
1278 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1279
1280 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1281 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1282 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1283
1284 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1285 - stable on x86 security bug #114227 CAN-2005-3257
1286
1287 *hardened-sources-2.4.32 (19 Nov 2005)
1288
1289 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1290 +hardened-sources-2.4.32.ebuild:
1291 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1292 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1293 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1294 rsbac >> /etc/portage/package.use)
1295
1296 *hardened-sources-2.6.14 (14 Nov 2005)
1297
1298 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1299 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1300 Bumping 2.6 series to 2.6.14.2
1301
1302 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1303
1304 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1305 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1306 +hardened-sources-2.6.13-r2.ebuild:
1307 Fixes minor build error in ppc.
1308
1309 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1310
1311 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1312 +hardened-sources-2.6.13-r1.ebuild:
1313 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1314 2.6.13.4, fixes some major amd64 stability problems.
1315
1316 *hardened-sources-2.6.13 (16 Sep 2005)
1317
1318 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1319 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1320 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1321 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1322 users should test this thoroughly.
1323
1324 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1325 - stable on x86
1326
1327 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1328
1329 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1330 +hardened-sources-2.6.11-r15.ebuild:
1331 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1332 grsec redefining curr_ip struct.
1333
1334 *hardened-sources-2.4.31 (20 Jun 2005)
1335
1336 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1337 initial import of 2.4.31 tree
1338
1339 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1340
1341 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1342 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1343 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1344 naming scheme to abide by genpatches
1345
1346 *hardened-sources-2.6.11-r13 (18 May 2005)
1347
1348 18 May 2005; John Mylchreest <johnm@gentoo.org>
1349 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1350 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1351 target. sorry about that. Fixes bug #93022
1352
1353 *hardened-sources-2.6.11-r12 (17 May 2005)
1354
1355 17 May 2005; John Mylchreest <johnm@gentoo.org>
1356 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1357 +hardened-sources-2.6.11-r12.ebuild:
1358 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1359 merges in genpatches-base
1360
1361 *hardened-sources-2.6.11-r12 (17 May 2005)
1362
1363 17 May 2005; John Mylchreest <johnm@gentoo.org>
1364 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1365 +hardened-sources-2.6.11-r12.ebuild:
1366 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1367 merges in genpatches-base
1368
1369 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1370 -files/2.4.27-cmdline-race.patch,
1371 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1372 -files/2.4.28-grsec-binfmt_a.out.patch,
1373 -files/2.4.28-grsec-cmdline-race.patch,
1374 -files/2.4.28-selinux-binfmt_a.out.patch,
1375 -files/2.4.28-selinux-cmdline-race.patch,
1376 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1377 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1378 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1379 cleanup..
1380
1381 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1382
1383 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1384 - disable aout by default
1385
1386 *hardened-sources-2.4.30 (18 Apr 2005)
1387
1388 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1389 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1390 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1391 use
1392
1393 *hardened-sources-2.4.29 (30 Mar 2005)
1394
1395 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1396 +hardened-sources-2.4.29.ebuild:
1397 New hardened-patches-2.4-29.0 patchball.
1398 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1399
1400 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1401
1402 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1403 +hardened-sources-2.4.28-r5.ebuild:
1404 Added a fix for a PaX vulnerability.
1405
1406 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1407 hardened-sources-2.4.28-r4.ebuild:
1408 Stable on x86
1409
1410 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1411 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1412 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1413 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1414 - fixed/added RDEPEND= in all kernel-2 ebuilds
1415
1416 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1417
1418 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1419 +hardened-sources-2.4.28-r4.ebuild:
1420 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1421 backport of neighbour hash updates.
1422
1423 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1424 hardened-sources-2.4.28-r3.ebuild:
1425 Stable on x86
1426
1427 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1428
1429 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1430 +hardened-sources-2.6.10-r3.ebuild:
1431 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1432 in 2005.0
1433
1434 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1435 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1436 hardened-sources-2.4.28-r2.ebuild:
1437 Mark stable on x86
1438
1439 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1440
1441 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1442 +hardened-sources-2.4.28-r3.ebuild:
1443 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1444
1445 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1446 hardened-sources-2.4.28.ebuild:
1447 Mark stable on x86.
1448
1449 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1450
1451 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1452 +hardened-sources-2.4.28-r2.ebuild:
1453 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1454 Mazinger for grsecurity patches as well.
1455
1456 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1457
1458 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1459 Security bump. Thank tocharian for rolling a new patchset...
1460
1461 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1462 +files/2.4.28-grsec-cmdline-race.patch,
1463 +files/2.4.28-selinux-binfmt_a.out.patch,
1464 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1465 - Round up remaining security patches that appear to be missing in 2.4.28. -
1466 PaX standalone updated to current. hgpv=28.1
1467
1468 *hardened-sources-2.4.28 (28 Nov 2004)
1469
1470 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1471 security bump. Thank tocharian for rolling a new patchset
1472
1473 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1474
1475 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1476 +hardened-sources-2.4.27-r3.ebuild:
1477 Applies the new 2.4-27.2 patchball which updates
1478 GRSecurity to the 2.0.1 version.
1479
1480 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1481
1482 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1483 +hardened-sources-2.4.27-r2.ebuild:
1484 Version bump.
1485 This version uses the new 2.4-27.1 patchball which updates
1486 both the SELinux PaX hooks patch and the SELinux headers.
1487
1488 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1489
1490 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1491 +hardened-sources-2.4.27-r1.ebuild,
1492 -hardened-sources-2.4.27.ebuild,
1493 +files/2.4.27-cmdline-race.patch:
1494 Version bump, fix for cmdline race. See bug #59905.
1495
1496 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1497
1498 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1499 +hardened-sources-2.4.26-r6.ebuild,
1500 -hardened-sources-2.4.26-r5.ebuild,
1501 -hardened-sources-2.4.26-r4.ebuild,
1502 +files/2.4.26-cmdline-race.patch:
1503 Version bump, fix for cmdline race. See bug #59905.
1504
1505 *hardened-sources-2.4.27 (08 Aug 2004)
1506
1507 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1508 +hardened-sources-2.4.27.ebuild,
1509 +files/2.4.27-CAN-2004-0394.patch:
1510 Ported the patchball to the 2.4.27 kernel version.
1511
1512 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1513
1514 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1515 +hardened-sources-2.4.26-r5.ebuild:
1516 Updated to use the new hardened-patches-2.4-26.1 patchball.
1517 It adds the following features:
1518 - Squashfs
1519 - Ebtables
1520 - Netdev random (core+drivers)
1521 - Watchdog Timer (WDT) fix.
1522
1523 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1524
1525 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1526 +hardened-sources-2.4.26-r4.ebuild,
1527 +files/2.4.26-CAN-2004-0415.patch,
1528 -hardened-sources-2.4.26-3:
1529 Version bump, fix for CAN 0415, see bug #59378.
1530
1531 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1532
1533 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1534 +hardened-sources-2.4.26-r3.ebuild,
1535 +files/2.4.26-CAN-2004-0497.patch,
1536 -hardened-sources-2.4.26-r2.ebuild:
1537 Version bump, fixed CAN 0497, see bug #56171.
1538
1539 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1540
1541 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1542 +hardened-sources-2.4.26-r2.ebuild,
1543 +files/2.4.26-CAN-2004-0495.patch,
1544 +files/2.4.26-CAN-2004-0535.patch,
1545 -hardened-sources-2.4.26-r1.ebuild:
1546 Fixes for both CAN 0495 and 0535, see bug #54976
1547
1548 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1549 hardened-sources-2.4.26-r1.ebuild:
1550 QA - fix use invocation
1551
1552 *hardened-sources-2.4.26-r1 (22 June 2004)
1553
1554 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1555 +hardened-sources-2.4.26-r1.ebuild,
1556 +files/2.4.26-CAN-2004-0394.patch,
1557 +files/2.4.26-signal-race.patch,
1558 -hardened-sources-2.4.26.ebuild,
1559 -hardened-sources-2.4.24-r3.ebuild:
1560 Version bump for the CAN-2004-0394 issue and bug #53804
1561 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1562
1563
1564 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1565 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1566 Masked hardened-sources-2.4.26.ebuild broken for ppc
1567
1568 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1569 hardened-sources-2.4.24-r3.ebuild:
1570 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1571
1572 *hardened-sources-2.4.26 (29 May 2004)
1573
1574 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1575 +hardened-sources-2.4.26.ebuild:
1576 Updated hardened-sources for the 2.4.26 kernel
1577 Removed broken components, updated almost everything.
1578
1579 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1580
1581 17 Apr 2004; <plasmaroo@gentoo.org>
1582 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1583 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1584 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1585 +hardened-sources-2.4.24-r3.ebuild:
1586 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1587 vulnerabilities. Old revisions removed.
1588
1589 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1590
1591 15 Apr 2004; <plasmaroo@gentoo.org>
1592 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1593 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1594 Version bump for the CAN-2004-0109 issue; bug #47881.
1595
1596 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1597 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1598 Add eutils to inherit.
1599
1600 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1601
1602 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1603 files/hardened-sources-2.4.24.munmap.patch:
1604 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1605
1606 *hardened-sources-2.4.24 (06 Feb 2004)
1607
1608 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1609 hardened-sources-2.4.24.ebuild:
1610 Version bump, updated most of the components.
1611 This release includes the following:
1612
1613 - Hardened security
1614 - Netfilter patch-o-matic 20031219
1615 - FreeSWAN 2.04 & x509 1.4.8
1616 - EVMS 2.2.2
1617 - XFS 1.3.1
1618 - cryptoloop jari
1619 - grsecurity 2.0-rc4
1620 - SELinux
1621 - PaX 200402060000
1622 - PaX Obscurity 200308302223
1623 - Others...
1624
1625 Neither -ck nor systrace are included anymore.
1626
1627 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1628
1629 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1630 hardened-sources-2.4.22-r2.ebuild:
1631 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1632
1633 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1634
1635 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1636 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1637
1638 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1639 hardened-sources-2.4.22-r1.ebuild:
1640 Version bump for the 'do_brk' vulnerability.
1641
1642 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1643 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1644 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1645 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1646 Fix the 'do_brk' vulnerability.
1647
1648 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1649 hardened-sources-2.4.22.ebuild:
1650 - Removed the src_install() portion for SELinux flask
1651 components. These are no longer handled in the kernel
1652 so this code was not necessary.
1653
1654 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1655 New 2.4.22 based hardened-sources thanks to
1656 Phil West <p.west@computer.org>.
1657
1658 These sources include:
1659 - New SELinux API
1660 - Updated CK-base
1661 - Updated GRSec
1662 - Systrace
1663 - SuperFreeS/WAN 1.99.8
1664 - Propolice kernel build support
1665 - EVMS
1666 - Other various security related patches
1667
1668 *hardened-sources-2.4.21 (14 Sep 2003)
1669
1670 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1671 Updated hardened-sources based on the 2.4.21 Linux kernel.
1672 This includes updates to most major components such as:
1673 - ck-base-0306300059
1674 - selinux-2.4-2003071106
1675 - grsecurity-2.0-rc1
1676 - Updated IPTables patch-o-matic
1677 - Updated SuperFreeS/WAN
1678
1679 Thanks to Phil West <pwest@computer.org> for his work in getting this
1680 updated patch set ready for the 2.4.21 based kernel.
1681
1682 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1683 Initial import of hardened-sources-2.4.20-r4. This revision
1684 includes only a few changes, but one of these is an important
1685 security fix. It is recommended all users of hardened-sources
1686 upgrade to this release.
1687
1688 - ioperm bug fix
1689 - fixed compilation failure when building without GRSec
1690
1691 SAL (Secure Auditing for Linux) is NOT included in this revision
1692 due to time constraints, but is planned for inclusion in the near
1693 future.
1694
1695 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1696
1697 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1698 hardened-sources-2.4.20-r3.ebuild:
1699 Add Header...
1700
1701 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1702 hardened-sources-2.4.20-r3.ebuild:
1703 Removed warnings from ebuild. This kernel should be safe to
1704 use at this point.
1705
1706 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1707
1708 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1709 hardened-sources-2.4.20-r3.ebuild:
1710 New revision. Includes the following changes over -r2:
1711
1712 - ck7-base (O(1), preempt, low latency)
1713 - Super FreeS/WAN 1.99.7rc2
1714 - PaX for the LSM/SELinux branch
1715 - GRSecurity 2.0-pre4 (role based access control)
1716 - Systrace 1.3
1717 - EXT3 fixes
1718 - EVMS 2.0.1
1719 - GCC 3.1+ compile optimizations
1720 - ProPolice kernel build support
1721 - Hashing table security fixes
1722
1723 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1724
1725 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1726 Initial import of hardened-sources-r2. This new
1727 ebuild includes many new performance and security
1728 related patches. As in -r1, it will patch in
1729 LSM/SELinux if "selinux" is in USE, otherwise it
1730 will patch in GRSecurity. The following patches
1731 are included in this revision:
1732
1733 - O(1) Scheduler, Low Latency, and Preempt
1734 (pulled from the base CK patch)
1735 - ptrace exploit patch for the LSM kernel
1736 (the GRSec patch already fixes this)
1737 - LSM 2.4-2003040709
1738 - SELinux 2.4-2003040709
1739 - Systrace v1.2
1740 - IPTables patch-o-matic base patches - 20030107
1741 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1742 - Super FreeS/WAN 1.99.6.1
1743 - GRSecurity 1.9.9g
1744 - MPPE
1745 - EXT3 data journal fix
1746 - CIPE 1.5.4
1747
1748 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1749 hardened-sources-2.4.20-r1.ebuild, manifest:
1750 Updated to install flask components correctly for selinux.
1751
1752 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1753 hardened-sources-2.4.20-r1.ebuild:
1754 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1755 is patched in instead. Ptrace patches for selinux have also been added. In
1756 either case, systrace support will be patched in as well.
1757
1758 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1759 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1760 Revision bump for new sources.
1761
1762 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1763 hardened-sources-2.4.20-r1.ebuild:
1764 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1765
1766 *hardened-sources-2.4.20 (30 Mar 2003)
1767
1768 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1769 hardened-sources-2.4.20.ebuild:
1770 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20