/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.297 - (show annotations) (download)
Wed Mar 18 19:22:49 2009 UTC (5 years, 3 months ago) by gengor
Branch: MAIN
Changes since 1.296: +8 -1 lines
Add sys-kernel/hardened-sources-2.6.28-r4
(Portage version: 2.1.6.7/cvs/Linux i686)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.296 2009/03/17 03:04:45 gengor Exp $
4
5 *hardened-sources-2.6.28-r4 (18 Mar 2009)
6
7 18 Mar 2009; Gordon Malm <gengor@gentoo.org>
8 +hardened-sources-2.6.28-r4.ebuild:
9 Bump to Linux 2.6.28.8. PaX update fixes oops in SANITIZE feature,
10 compilation with CPA_DEBUG and more.
11
12 17 Mar 2009; Gordon Malm <gengor@gentoo.org>
13 hardened-sources-2.6.28-r3.ebuild:
14 Quick stable amd64/x86.
15
16 *hardened-sources-2.6.28-r3 (15 Mar 2009)
17
18 15 Mar 2009; Gordon Malm <gengor@gentoo.org>
19 +hardened-sources-2.6.28-r3.ebuild:
20 Adds latest PaX changes fixing some boot issues, ext4 fixes for bug #262507.
21
22 14 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r2.ebuild:
23 ppc stable
24
25 13 Mar 2009; Gordon Malm <gengor@gentoo.org>
26 hardened-sources-2.6.28-r2.ebuild:
27 Stable amd64/x86.
28
29 *hardened-sources-2.6.28-r2 (11 Mar 2009)
30
31 11 Mar 2009; Gordon Malm <gengor@gentoo.org>
32 +hardened-sources-2.6.28-r2.ebuild:
33 Version bump bringing in latest grsecurity patch.
34
35 *hardened-sources-2.6.28-r1 (09 Mar 2009)
36
37 09 Mar 2009; Gordon Malm <gengor@gentoo.org>
38 -hardened-sources-2.6.28.ebuild, +hardened-sources-2.6.28-r1.ebuild:
39 Version bump and remove old.
40
41 07 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.27-r8.ebuild:
42 ppc stable
43
44 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
45 hardened-sources-2.6.27-r8.ebuild:
46 Remove amd64 testing keyword, bug 256226.
47
48 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
49 hardened-sources-2.6.27-r8.ebuild:
50 Revert amd64 stable, bug #256226.
51
52 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
53 hardened-sources-2.6.27-r8.ebuild:
54 Stable on amd64/x86.
55
56 24 Feb 2009; Gordon Malm <gengor@gentoo.org>
57 -hardened-sources-2.6.27-r6.ebuild:
58 Remove old 2.6.27 release.
59
60 *hardened-sources-2.6.27-r8 (24 Feb 2009)
61
62 24 Feb 2009; Gordon Malm <gengor@gentoo.org>
63 +hardened-sources-2.6.27-r8.ebuild:
64 Bump to latest genpatches, Linux 2.6.27.19, PaX updates. Fixes bug #256067
65 and probably more.
66
67 04 Feb 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.26-r9.ebuild:
68 ppc stable
69
70 *hardened-sources-2.6.28 (25 Jan 2009)
71
72 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
73 +hardened-sources-2.6.28.ebuild:
74 Initial 2.6.28 release.
75
76 *hardened-sources-2.6.27-r7 (25 Jan 2009)
77
78 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
79 +hardened-sources-2.6.27-r7.ebuild:
80 Bump to Linux 2.6.27.13.
81
82 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
83 hardened-sources-2.6.26-r9.ebuild:
84 Stable amd64/x86.
85
86 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
87 -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
88 -hardened-sources-2.6.27-r5.ebuild:
89 Remove problem versions.
90
91 *hardened-sources-2.6.27-r6 (24 Jan 2009)
92
93 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
94 +hardened-sources-2.6.27-r6.ebuild:
95 Revert PaX test29 to test30 changes. Fixes bug 256226.
96
97 *hardened-sources-2.6.27-r5 (24 Jan 2009)
98
99 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
100 +hardened-sources-2.6.27-r5.ebuild:
101 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
102 254843.
103
104 23 Jan 2009; Gordon Malm <gengor@gentoo.org>
105 -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
106 -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
107 Remove problem versions.
108
109 23 Jan 2009; nixnut <nixnut@gentoo.org>
110 hardened-sources-2.6.25-r13.ebuild:
111 ppc stable
112
113 21 Jan 2009; Gordon Malm <gengor@gentoo.org>
114 hardened-sources-2.6.25-r13.ebuild:
115 Fasttrack stable amd64/x86.
116
117 *hardened-sources-2.6.26-r9 (21 Jan 2009)
118
119 21 Jan 2009; Gordon Malm <gengor@gentoo.org>
120 +hardened-sources-2.6.26-r9.ebuild:
121 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
122
123 *hardened-sources-2.6.25-r13 (20 Jan 2009)
124
125 20 Jan 2009; Gordon Malm <gengor@gentoo.org>
126 +hardened-sources-2.6.25-r13.ebuild:
127 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
128
129 20 Jan 2009; nixnut <nixnut@gentoo.org>
130 hardened-sources-2.6.25-r12.ebuild:
131 ppc stable
132
133 17 Jan 2009; Gordon Malm <gengor@gentoo.org>
134 hardened-sources-2.6.25-r12.ebuild:
135 Stable amd64/x86.
136
137 14 Jan 2009; Gordon Malm <gengor@gentoo.org>
138 -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
139 -hardened-sources-2.6.27-r2.ebuild:
140 Clean out old versions.
141
142 *hardened-sources-2.6.27-r4 (14 Jan 2009)
143 *hardened-sources-2.6.26-r8 (14 Jan 2009)
144 *hardened-sources-2.6.25-r12 (14 Jan 2009)
145
146 14 Jan 2009; Gordon Malm <gengor@gentoo.org>
147 +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
148 +hardened-sources-2.6.27-r4.ebuild:
149 2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
150 2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
151 2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
152 grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
153
154 15 Dec 2008; nixnut <nixnut@gentoo.org>
155 hardened-sources-2.6.25-r11.ebuild:
156 Stable on ppc
157
158 09 Dec 2008; Gordon Malm <gengor@gentoo.org>
159 hardened-sources-2.6.25-r11.ebuild:
160 Stable amd64/x86.
161
162 *hardened-sources-2.6.27-r3 (07 Dec 2008)
163
164 07 Dec 2008; Gordon Malm <gengor@gentoo.org>
165 +hardened-sources-2.6.27-r3.ebuild:
166 Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
167 Fixes bug #248754, #249729 and #246607.
168
169 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
170 -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
171 Remove old versions.
172
173 *hardened-sources-2.6.26-r7 (03 Dec 2008)
174 *hardened-sources-2.6.25-r11 (03 Dec 2008)
175
176 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
177 +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
178 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
179 2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
180 Both include many backports from 2.6.27.{6,7} -stable releases.
181
182 24 Nov 2008; Gordon Malm <gengor@gentoo.org>
183 -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
184 Remove versions broken on ARCHes != x86/amd64.
185
186 *hardened-sources-2.6.27-r2 (24 Nov 2008)
187
188 24 Nov 2008; Gordon Malm <gengor@gentoo.org>
189 +hardened-sources-2.6.27-r2.ebuild:
190 Bump to Linux 2.6.27.7 and latest grsecurity patch.
191
192 19 Nov 2008; Gordon Malm <gengor@gentoo.org>
193 -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
194 Remove old versions.
195
196 19 Nov 2008; Gordon Malm <gengor@gentoo.org>
197 hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
198 Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
199
200 16 Nov 2008; nixnut <nixnut@gentoo.org>
201 hardened-sources-2.6.25-r10.ebuild:
202 Stable on ppc
203
204 15 Nov 2008; Gordon Malm <gengor@gentoo.org>
205 hardened-sources-2.6.25-r10.ebuild:
206 Stable amd64/x86.
207
208 *hardened-sources-2.6.26-r6 (12 Nov 2008)
209
210 12 Nov 2008; Gordon Malm <gengor@gentoo.org>
211 +hardened-sources-2.6.26-r6.ebuild:
212 Bump to Linux 2.6.26.8 and fix security bug #245650.
213
214 *hardened-sources-2.6.25-r10 (12 Nov 2008)
215
216 12 Nov 2008; Gordon Malm <gengor@gentoo.org>
217 +hardened-sources-2.6.25-r10.ebuild:
218 Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
219
220 *hardened-sources-2.6.27-r1 (09 Nov 2008)
221
222 09 Nov 2008; Gordon Malm <gengor@gentoo.org>
223 +hardened-sources-2.6.27-r1.ebuild:
224 Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
225
226 *hardened-sources-2.6.27 (04 Nov 2008)
227
228 04 Nov 2008; Gordon Malm <gengor@gentoo.org>
229 +hardened-sources-2.6.27.ebuild:
230 Initial 2.6.27 release.
231
232 *hardened-sources-2.6.26-r5 (03 Nov 2008)
233
234 03 Nov 2008; Gordon Malm <gengor@gentoo.org>
235 -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
236 +hardened-sources-2.6.26-r5.ebuild:
237 2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
238 Clean out some old versions.
239
240 02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
241 Stable on ppc
242
243 30 Oct 2008; Gordon Malm <gengor@gentoo.org>
244 hardened-sources-2.6.25-r9.ebuild:
245 Stable on amd64/x86.
246
247 *hardened-sources-2.6.25-r9 (26 Oct 2008)
248
249 26 Oct 2008; Gordon Malm <gengor@gentoo.org>
250 +hardened-sources-2.6.25-r9.ebuild:
251 Update to Linux 2.6.25.19
252
253 15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
254 Stable on ppc
255
256 *hardened-sources-2.6.26-r4 (14 Oct 2008)
257
258 14 Oct 2008; Gordon Malm <gengor@gentoo.org>
259 -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
260 Update to latest grsecurity patch, fixing building of non-modular kernels.
261
262 *hardened-sources-2.6.26-r3 (12 Oct 2008)
263
264 12 Oct 2008; Gordon Malm <gengor@gentoo.org>
265 hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
266 +hardened-sources-2.6.26-r3.ebuild:
267 2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
268 2.6.26-r1: Removed.
269 2.6.25-r8: Stable amd64/x86.
270
271 *hardened-sources-2.6.25-r8 (09 Oct 2008)
272
273 09 Oct 2008; Gordon Malm <gengor@gentoo.org>
274 -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
275 -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
276 Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
277
278 20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
279 Stable on ppc
280
281 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
282 hardened-sources-2.6.25-r7.ebuild:
283 Stable amd64/x86.
284
285 *hardened-sources-2.6.26-r2 (13 Sep 2008)
286
287 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
288 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
289 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
290 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
291
292 *hardened-sources-2.6.25-r7 (13 Sep 2008)
293
294 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
295 +hardened-sources-2.6.25-r7.ebuild:
296 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
297
298 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
299 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
300 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
301 hardened-sources-2.6.26-r1.ebuild:
302 Update DESCRIPTION and HGPV_URI.
303
304 *hardened-sources-2.6.25-r6 (09 Sep 2008)
305
306 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
307 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
308 2.6.25-r6: Update to Linux 2.6.25.17.
309 2.6.24-r3: Removed.
310
311 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
312 hardened-sources-2.6.25-r5.ebuild:
313 Stable on amd64/x86
314
315 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
316 Update my email address.
317
318 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
319 stable on ppc
320
321 *hardened-sources-2.6.26-r1 (23 Aug 2008)
322 *hardened-sources-2.6.25-r5 (23 Aug 2008)
323
324 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
325 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
326 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
327 +hardened-sources-2.6.26-r1.ebuild:
328 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
329 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
330 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
331 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
332 (gengor).
333
334 *hardened-sources-2.6.26 (18 Aug 2008)
335 *hardened-sources-2.6.25-r4 (18 Aug 2008)
336
337 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
338 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
339 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
340 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
341 2.6.25-r2: Removed.
342
343 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
344 Remove phreak from metadata.xml (#96398)
345
346 *hardened-sources-2.6.25-r3 (31 Jul 2008)
347
348 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
349 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
350 +hardened-sources-2.6.25-r3.ebuild:
351 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
352 fixes, including security bug #231750.
353
354 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
355 Stable on ppc
356
357 *hardened-sources-2.6.25-r2 (05 Jul 2008)
358
359 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
360 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
361 +hardened-sources-2.6.25-r2.ebuild:
362 2.6.23-r4: Stable x86/amd64
363 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
364 2.6.23-r{11,12}: Removed due to multiple vulns.
365 (gengor & kerframil)
366
367 04 Jul 2008; nixnut <nixnut@gentoo.org>
368 hardened-sources-2.6.23-r13.ebuild:
369 Stable on ppc
370
371 *hardened-sources-2.6.25-r1 (30 Jun 2008)
372
373 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
374 +hardened-sources-2.6.25-r1.ebuild:
375 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
376 grsecurity release. 2.6.23-r13: x86/amd64 stable
377
378 *hardened-sources-2.6.25 (17 Jun 2008)
379 *hardened-sources-2.6.24-r3 (17 Jun 2008)
380 *hardened-sources-2.6.23-r13 (17 Jun 2008)
381
382 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
383 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
384 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
385 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
386 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
387 2.6.25: Initial 2.6.25 release.
388
389 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
390 - fasttrack to stable x86/amd64
391
392 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
393 Fix broken digest for linux-2.6.24.tar.bz2.
394
395 *hardened-sources-2.6.24-r2 (11 May 2008)
396 *hardened-sources-2.6.23-r12 (11 May 2008)
397
398 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
399 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
400 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
401 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
402 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
403 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
404 security bugs 219901, 220691, 220975, 220979, 221123. New
405 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
406 should be removed as far as I'm concerned, everything else remove due to
407 vulnerable to numerous security bugs or brokeness.
408
409 10 May 2008; nixnut <nixnut@gentoo.org>
410 hardened-sources-2.6.23-r11.ebuild:
411 Stable on ppc
412
413 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
414 - -r11 stable on x86/amd64
415
416 *hardened-sources-2.6.23-r11 (01 May 2008)
417
418 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
419 - version bump to fix ulgy linux bugs
420
421 *hardened-sources-2.6.24-r1 (30 Apr 2008)
422
423 30 Apr 2008; Christian Heim <phreak@gentoo.org>
424 +hardened-sources-2.6.24-r1.ebuild:
425 Revision bump (thanks to Kerin and Gordon, again), pulling
426 genpatches-2.6.24-7, solving #219089. Additionally contains further security
427 fixes plus some minor updates.
428
429 *hardened-sources-2.6.23-r10 (30 Apr 2008)
430
431 30 Apr 2008; Christian Heim <phreak@gentoo.org>
432 +hardened-sources-2.6.23-r10.ebuild:
433 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
434 Additional contains "various other fixes".
435
436 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
437 Update the longdescription in metadata, thanks to Gordon Malm.
438
439 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
440 Stable on ppc wrt bug #213255
441
442 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
443 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
444 - stable on x86/amd64 per request. Removed obsolete ebuilds
445
446 *hardened-sources-2.6.24 (07 Apr 2008)
447
448 07 Apr 2008; Christian Heim <phreak@gentoo.org>
449 +hardened-sources-2.6.24.ebuild:
450 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
451 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
452 for the many contributions and their continued effort in #216612) based on
453 2.6.24 and genpatches-2.6.24-5.
454
455 The current ebuild/patchset contains these things:
456 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
457 * Introduces bespoke server and workstation oriented security levels
458 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
459
460 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
461 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
462 maintaining it).
463
464 24 Mar 2008; Christian Heim <phreak@gentoo.org>
465 hardened-sources-2.4.35-r2.ebuild:
466 Fixing SRC_URI for 2.4.35-r2.
467
468 *hardened-sources-2.6.23-r9 (22 Mar 2008)
469
470 22 Mar 2008; Christian Heim <phreak@gentoo.org>
471 +hardened-sources-2.6.23-r9.ebuild:
472 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
473 * Change the default GIDs for some grsecurity options
474 * Revamp the Hardened [Gentoo] security level and make it the default level
475 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
476 * Fix a recursive lock -- call to capable() within ptrace_attach()
477 * Fix bug that allows audit and iscsi operations to be controlled via netlink
478
479 *hardened-sources-2.6.23-r8 (27 Feb 2008)
480
481 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
482 - version bump from Kerin Millar bug 210026
483
484 17 Feb 2008; <solar@gentoo.org> metadata.xml,
485 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
486 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
487 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
488 - stable on x86 and remove old ebuilds
489
490 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
491 - stable on amd64 per request of amd64 lead
492
493 *hardened-sources-2.6.23-r7 (11 Feb 2008)
494
495 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
496 - version bump from kerin.millar
497 Changes:
498
499 * Bump to genpatches-base-2.6.23-9
500 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
501 * Disables COMPAT_VDSO in x86/defconfig
502 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
503
504 25 Jan 2008; Christian Heim <phreak@gentoo.org>
505 -hardened-sources-2.6.22-r8.ebuild:
506 Cleaning up old versions.
507
508 *hardened-sources-2.6.23-r6 (25 Jan 2008)
509
510 25 Jan 2008; Christian Heim <phreak@gentoo.org>
511 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
512 Revision bump, pulling in the latest genpatches.
513
514 *hardened-sources-2.6.23-r5 (24 Dec 2007)
515
516 24 Dec 2007; Christian Heim <phreak@gentoo.org>
517 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
518 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
519 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
520 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
521
522 24 Dec 2007; Christian Heim <phreak@gentoo.org>
523 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
524 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
525 -hardened-sources-2.6.23-r3.ebuild:
526 Cleaning out some unused, old versions.
527
528 24 Dec 2007; Christian Heim <phreak@gentoo.org>
529 hardened-sources-2.6.23-r4.ebuild:
530 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
531 in the tree for long, but there isn't much of a difference between this and
532 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
533
534 *hardened-sources-2.6.23-r4 (23 Dec 2007)
535
536 23 Dec 2007; Christian Heim <phreak@gentoo.org>
537 +hardened-sources-2.6.23-r4.ebuild:
538 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
539
540 *hardened-sources-2.6.23-r3 (04 Dec 2007)
541
542 04 Dec 2007; Christian Heim <phreak@gentoo.org>
543 +hardened-sources-2.6.23-r3.ebuild:
544 Revision bump, pulling in 2.6.23.9.
545
546 *hardened-sources-2.6.23-r2 (25 Nov 2007)
547
548 25 Nov 2007; Christian Heim <phreak@gentoo.org>
549 +hardened-sources-2.6.23-r2.ebuild:
550 Updated patchset, thanks to solar.
551
552 *hardened-sources-2.6.23-r1 (31 Oct 2007)
553
554 31 Oct 2007; Christian Heim <phreak@gentoo.org>
555 +hardened-sources-2.6.23-r1.ebuild:
556 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
557
558 29 Oct 2007; <solar@gentoo.org> metadata.xml:
559 - update metadata.xml
560
561 25 Oct 2007; Christian Heim <phreak@gentoo.org>
562 hardened-sources-2.6.22-r8.ebuild:
563 Marking 2.6.22-r8 stable on amd64 and x86.
564
565 21 Oct 2007; Christian Heim <phreak@gentoo.org>
566 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
567 -hardened-sources-2.6.21-r4.ebuild:
568 Removing old ebuilds.
569
570 *hardened-sources-2.4.35-r2 (21 Oct 2007)
571
572 21 Oct 2007; Christian Heim <phreak@gentoo.org>
573 +hardened-sources-2.4.35-r2.ebuild:
574 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
575 patches.
576
577 *hardened-sources-2.6.22-r8 (21 Oct 2007)
578
579 21 Oct 2007; Christian Heim <phreak@gentoo.org>
580 +hardened-sources-2.6.22-r8.ebuild:
581 Yet another new patch, hopefully fixing the remaining issues we had w/
582 2.6.22. Candidate for stabling.
583
584 *hardened-sources-2.6.23 (13 Oct 2007)
585
586 13 Oct 2007; Christian Heim <phreak@gentoo.org>
587 +hardened-sources-2.6.23.ebuild:
588 Initial hardened-sources-2.6.23. If people still have problems w/ bug
589 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
590
591 11 Oct 2007; Christian Heim <phreak@gentoo.org>
592 hardened-sources-2.6.20-r10.ebuild:
593 Pulling in yet another new genpatches version, fixing the PWC bug for real.
594
595 04 Oct 2007; Christian Heim <phreak@gentoo.org>
596 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
597 Removing old versions.
598
599 *hardened-sources-2.6.22-r7 (01 Oct 2007)
600
601 01 Oct 2007; Christian Heim <phreak@gentoo.org>
602 +hardened-sources-2.6.22-r7.ebuild:
603 Revision bump, pulling in a newer patch. Should fix #194276.
604
605 30 Sep 2007; Christian Heim <phreak@gentoo.org>
606 hardened-sources-2.6.20-r10.ebuild:
607 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
608 Mike Doty).
609
610 *hardened-sources-2.6.22-r6 (26 Sep 2007)
611
612 26 Sep 2007; Christian Heim <phreak@gentoo.org>
613 +hardened-sources-2.6.22-r6.ebuild:
614 Revision bump, grabbing up till Linux 2.6.22.9.
615
616 24 Sep 2007; Christian Heim <phreak@gentoo.org>
617 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
618 Cleaning up further.
619
620 *hardened-sources-2.6.20-r10 (24 Sep 2007)
621
622 24 Sep 2007; Christian Heim <phreak@gentoo.org>
623 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
624 +hardened-sources-2.6.20-r10.ebuild:
625 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
626 revisions.
627
628 *hardened-sources-2.6.22-r5 (22 Sep 2007)
629
630 22 Sep 2007; Christian Heim <phreak@gentoo.org>
631 +hardened-sources-2.6.22-r5.ebuild:
632 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
633
634 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
635 Removing johnm from metadata.xml (see #186467 for reference).
636
637 *hardened-sources-2.6.22-r4 (17 Sep 2007)
638
639 17 Sep 2007; Christian Heim <phreak@gentoo.org>
640 +hardened-sources-2.6.22-r4.ebuild:
641 Revision bump, hopefully fixing all those weird PAX failures.
642
643 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
644 Updating the metadata.xml.
645
646 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
647 Removing tocharian from metadata due to his retirement (see #71718 for
648 reference).
649
650 *hardened-sources-2.6.20-r9 (30 Aug 2007)
651
652 30 Aug 2007; Christian Heim <phreak@gentoo.org>
653 +hardened-sources-2.6.20-r9.ebuild:
654 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
655
656 29 Aug 2007; Christian Heim <phreak@gentoo.org>
657 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
658 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
659 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
660 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
661 -hardened-sources-2.6.22-r2.ebuild:
662 Removing some redundant versions.
663
664 *hardened-sources-2.4.35-r1 (29 Aug 2007)
665
666 29 Aug 2007; Christian Heim <phreak@gentoo.org>
667 +hardened-sources-2.4.35-r1.ebuild:
668 Revision bump, new grsecurity patch.
669
670 *hardened-sources-2.6.20-r8 (26 Aug 2007)
671
672 26 Aug 2007; Christian Heim <phreak@gentoo.org>
673 +hardened-sources-2.6.20-r8.ebuild:
674 Revision bump for Linux 2.6.20.17.
675
676 *hardened-sources-2.6.22-r3 (22 Aug 2007)
677
678 22 Aug 2007; Christian Heim <phreak@gentoo.org>
679 +hardened-sources-2.6.22-r3.ebuild:
680 Revision bump for Linux 2.6.22.4.
681
682 16 Aug 2007; Christian Heim <phreak@gentoo.org>
683 hardened-sources-2.6.22-r2.ebuild:
684 Updated patchset, to fix the alignment against 2.6.22.3.
685
686 *hardened-sources-2.6.22-r2 (16 Aug 2007)
687
688 16 Aug 2007; Christian Heim <phreak@gentoo.org>
689 +hardened-sources-2.6.22-r2.ebuild:
690 Revision bump for Linux 2.6.22.3.
691
692 *hardened-sources-2.4.35 (16 Aug 2007)
693
694 16 Aug 2007; Christian Heim <phreak@gentoo.org>
695 +hardened-sources-2.4.35.ebuild:
696 Version bump, initial version for Linux 2.4.35.
697
698 *hardened-sources-2.6.21-r4 (16 Aug 2007)
699
700 16 Aug 2007; Christian Heim <phreak@gentoo.org>
701 +hardened-sources-2.6.21-r4.ebuild:
702 Revision bump for Linux 2.6.21.6.
703
704 *hardened-sources-2.6.20-r7 (16 Aug 2007)
705
706 16 Aug 2007; Christian Heim <phreak@gentoo.org>
707 +hardened-sources-2.6.20-r7.ebuild:
708 Revision bump for Linux 2.6.20.16.
709
710 *hardened-sources-2.6.22-r1 (13 Aug 2007)
711
712 13 Aug 2007; Christian Heim <phreak@gentoo.org>
713 +hardened-sources-2.6.22-r1.ebuild:
714 Yet another revision bump.
715
716 *hardened-sources-2.6.22 (10 Aug 2007)
717
718 10 Aug 2007; Christian Heim <phreak@gentoo.org>
719 +hardened-sources-2.6.22.ebuild:
720 Initial release for 2.6.22. If you are using hardened-sources on a desktop
721 machine (P4 or newer), be aware you might need to disable
722 CONFIG_PAX_PAGEEXEC.
723
724 04 Aug 2007; Christian Heim <phreak@gentoo.org>
725 hardened-sources-2.6.20-r6.ebuild:
726 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
727 2.6.20.15.
728
729 10 Jul 2007; Christian Heim <phreak@gentoo.org>
730 hardened-sources-2.6.20-r5.ebuild:
731 Marking hardened-sources-2.6.20-r5 stable on ppc.
732
733 10 Jul 2007; Christian Heim <phreak@gentoo.org>
734 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
735 Cleanup.
736
737 *hardened-sources-2.6.20-r6 (08 Jul 2007)
738
739 08 Jul 2007; Christian Heim <phreak@gentoo.org>
740 +hardened-sources-2.6.20-r6.ebuild:
741 Revision bump, grabbing yet another stable release.
742
743 17 Jun 2007; Christian Heim <phreak@gentoo.org>
744 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
745 -hardened-sources-2.6.21-r2.ebuild:
746 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
747 alpha stable KEYWORD by mistake.
748
749 17 Jun 2007; Christian Heim <phreak@gentoo.org>
750 hardened-sources-2.6.20-r5.ebuild:
751 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
752 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
753
754 *hardened-sources-2.6.21-r3 (12 Jun 2007)
755
756 12 Jun 2007; Christian Heim <phreak@gentoo.org>
757 +hardened-sources-2.6.21-r3.ebuild:
758 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
759 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
760 love.
761
762 *hardened-sources-2.6.20-r5 (11 Jun 2007)
763
764 11 Jun 2007; Christian Heim <phreak@gentoo.org>
765 +hardened-sources-2.6.20-r5.ebuild:
766 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
767 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
768 love.
769
770 *hardened-sources-2.4.34.5 (11 Jun 2007)
771
772 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
773 +hardened-sources-2.4.34.5.ebuild:
774 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
775
776 30 May 2007; Christian Heim <phreak@gentoo.org>
777 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
778 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
779 stale ebuild(s).
780
781 30 May 2007; Christian Heim <phreak@gentoo.org>
782 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
783 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
784 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
785 Doing some cleanups, remove stale ebuilds.
786
787 26 May 2007; Christian Heim <phreak@gentoo.org>
788 hardened-sources-2.6.21-r2.ebuild:
789 Fixing the grsecurity patch, had one '};' too much.
790
791 *hardened-sources-2.6.21-r2 (26 May 2007)
792
793 26 May 2007; Christian Heim <phreak@gentoo.org>
794 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
795 +hardened-sources-2.6.21-r2.ebuild:
796 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
797 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
798
799 *hardened-sources-2.6.20-r4 (26 May 2007)
800
801 26 May 2007; Christian Heim <phreak@gentoo.org>
802 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
803 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
804 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
805
806 15 May 2007; Christian Heim <phreak@gentoo.org>
807 hardened-sources-2.6.20-r3.ebuild:
808 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
809 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
810 grsecurity patch fail in that exact same hunk.
811
812 *hardened-sources-2.6.20-r3 (15 May 2007)
813
814 15 May 2007; Christian Heim <phreak@gentoo.org>
815 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
816 Revision bump, incorporating Linux 2.6.20.11.
817
818 *hardened-sources-2.6.21-r1 (11 May 2007)
819
820 11 May 2007; Christian Heim <phreak@gentoo.org>
821 +hardened-sources-2.6.21-r1.ebuild:
822 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
823 mentioned in #177234.
824
825 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
826 files/digest-hardened-sources-2.6.21, Manifest:
827 Fix Manifest/digest for linux-2.6.21.tar.bz2
828
829 06 May 2007; Christian Heim <phreak@gentoo.org>
830 hardened-sources-2.6.21.ebuild:
831 Bumping the hardened-patches version, needed for the fix for #177234.
832
833 *hardened-sources-2.6.21 (02 May 2007)
834
835 02 May 2007; Christian Heim <phreak@gentoo.org>
836 +hardened-sources-2.6.21.ebuild:
837 Version bump, Linux 2.6.21-hardened.
838
839 29 Apr 2007; Christian Heim <phreak@gentoo.org>
840 hardened-sources-2.6.20-r2.ebuild:
841 Adding ~ia64 on Ned's request.
842
843 29 Apr 2007; Christian Heim <phreak@gentoo.org>
844 hardened-sources-2.6.20-r2.ebuild:
845 Fixing the included grsecurity patch, wasn't alligning due to the Index:
846 header line(s).
847
848 29 Apr 2007; Christian Heim <phreak@gentoo.org>
849 hardened-sources-2.6.20-r2.ebuild:
850 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
851
852 *hardened-sources-2.6.20-r2 (10 Apr 2007)
853
854 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
855 +hardened-sources-2.6.20-r2.ebuild:
856 Version bump, on behalf of phreak
857
858 *hardened-sources-2.6.20-r1 (04 Apr 2007)
859
860 04 Apr 2007; Christian Heim <phreak@gentoo.org>
861 +hardened-sources-2.6.20-r1.ebuild:
862 Revision bump, grabbing a newer grsecurity snapshot.
863
864 *hardened-sources-2.6.20 (25 Mar 2007)
865
866 25 Mar 2007; Christian Heim <phreak@gentoo.org>
867 +hardened-sources-2.6.20.ebuild:
868 Finally a hardened-sources version for 2.6.20; many people have been waiting
869 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
870 testbox.
871
872 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
873 hardened-sources-2.6.18-r6.ebuild:
874 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
875
876 *hardened-sources-2.6.18-r6 (16 Mar 2007)
877
878 16 Mar 2007; Christian Heim <phreak@gentoo.org>
879 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
880 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
881 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
882 supposed to be.
883
884 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
885 Fixing the Manifest, the previous one was broken (as in still had the
886 deleted ebuild in it).
887
888 06 Mar 2007; Christian Heim <phreak@gentoo.org>
889 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
890 +hardened-sources-2.6.18-r5.ebuild:
891 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
892 Linux 2.6.18.8. Also cleaning up the older version.
893
894 *hardened-sources-2.6.18-r5 (06 Mar 2007)
895
896 06 Mar 2007; Christian Heim <phreak@gentoo.org>
897 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
898 +hardened-sources-2.6.18-r5.ebuild:
899 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
900 Linux 2.6.18.8. Also cleaning up the older version.
901
902 24 Feb 2007; Christian Heim <phreak@gentoo.org>
903 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
904 -hardened-sources-2.6.19-r5.ebuild:
905 Removing some of the old version, that didn't work.
906
907 *hardened-sources-2.6.19-r6 (12 Feb 2007)
908
909 12 Feb 2007; Christian Heim <phreak@gentoo.org>
910 +hardened-sources-2.6.19-r6.ebuild:
911 Revision bump, including a new grsec version fixing #166235.
912
913 *hardened-sources-2.4.34 (24 Jan 2007)
914
915 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
916 Manifest:
917 updating Manifest with checksums of new tarball and ebuild
918
919 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
920 +hardened-sources-2.4.34.ebuild:
921 I added new hardened sources 2.4 update, this is a critical path
922 security bugfix - all users of h-s are strongly advised
923 to update their existing hardened sources to this version.
924 It contains a fix for a kernel vulnerability that is pertaining
925 to the PaX changes to virtual memory management, possibly leading
926 to a local kernel exploit ... see grsecurity.net forums and homepage
927
928 23 Jan 2007; Christian Heim <phreak@gentoo.org>
929 files/digest-hardened-sources-2.6.19-r5, Manifest:
930 Fixing the patch-tarball digest.
931
932 *hardened-sources-2.6.19-r5 (23 Jan 2007)
933
934 23 Jan 2007; Christian Heim <phreak@gentoo.org>
935 +hardened-sources-2.6.19-r5.ebuild:
936 Revision bump, closing the recently discovered PaX expand_stack()
937 vulnerability.
938
939 *hardened-sources-2.6.19-r4 (14 Jan 2007)
940
941 14 Jan 2007; Christian Heim <phreak@gentoo.org>
942 +hardened-sources-2.6.19-r4.ebuild:
943 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
944 dropping the randomized PID feature.
945
946 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
947 hardened-sources-2.4.33.4.ebuild:
948 stable x86, bug #161171
949
950 *hardened-sources-2.6.19-r3 (27 Dec 2006)
951
952 27 Dec 2006; Christian Heim <phreak@gentoo.org>
953 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
954 Revision bump for bug #157186 and #158786.
955
956 *hardened-sources-2.6.18-r4 (27 Dec 2006)
957
958 27 Dec 2006; Christian Heim <phreak@gentoo.org>
959 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
960 Revision bump for bug #157186.
961
962 *hardened-sources-2.6.19-r2 (23 Dec 2006)
963
964 23 Dec 2006; Christian Heim <phreak@gentoo.org>
965 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
966 Revision bump to pull in genpatches-2.6.19-3 for #157186.
967
968 17 Dec 2006; Christian Heim <phreak@gentoo.org>
969 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
970 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
971 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
972 hardened-sources-2.6.19-r1.ebuild:
973 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
974 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
975
976 *hardened-sources-2.4.33.4 (17 Dec 2006)
977
978 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
979 +hardened-sources-2.4.33.4.ebuild:
980 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
981 and quilting
982
983 *hardened-sources-2.6.19-r1 (14 Dec 2006)
984
985 14 Dec 2006; Christian Heim <phreak@gentoo.org>
986 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
987 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
988 for reporting).
989
990 *hardened-sources-2.6.19 (13 Dec 2006)
991
992 13 Dec 2006; Christian Heim <phreak@gentoo.org>
993 +hardened-sources-2.6.19.ebuild:
994 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
995 Brad for providing that prompt update.
996
997 *hardened-sources-2.6.18-r3 (13 Dec 2006)
998
999 13 Dec 2006; Christian Heim <phreak@gentoo.org>
1000 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
1001 +hardened-sources-2.6.18-r3.ebuild:
1002 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
1003 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
1004
1005 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
1006 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
1007
1008 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
1009 Stable on ppc wrt bug 157356
1010
1011 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
1012 hardened-sources-2.6.18.ebuild:
1013 stable x86, bug #157356
1014
1015 *hardened-sources-2.6.18-r2 (06 Dec 2006)
1016
1017 06 Dec 2006; Christian Heim <phreak@gentoo.org>
1018 +hardened-sources-2.6.18-r2.ebuild:
1019 Revision bump, including 2.6.18.5 (via genpatches) and
1020 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
1021 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
1022 redesign.
1023
1024 06 Dec 2006; Christian Heim <phreak@gentoo.org>
1025 hardened-sources-2.6.18.ebuild:
1026 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
1027 of Mike Doty).
1028
1029 *hardened-sources-2.6.18-r1 (23 Nov 2006)
1030
1031 23 Nov 2006; Christian Heim <phreak@gentoo.org>
1032 +hardened-sources-2.6.18-r1.ebuild:
1033 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
1034
1035 *hardened-sources-2.6.18 (11 Nov 2006)
1036
1037 11 Nov 2006; Christian Heim <phreak@gentoo.org>
1038 +hardened-sources-2.6.18.ebuild:
1039 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
1040
1041 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1042 - mark amd64 stable also. bug #151877
1043
1044 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1045 - mark 2.6.17-r1 stable
1046
1047 27 Aug 2006; Christian Heim <phreak@gentoo.org>
1048 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
1049 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
1050
1051 *hardened-sources-2.6.17-r1 (26 Aug 2006)
1052
1053 26 Aug 2006; Christian Heim <phreak@gentoo.org>
1054 +hardened-sources-2.6.17-r1.ebuild:
1055 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
1056 grsecurity patch.
1057
1058 *hardened-sources-2.6.17 (17 Aug 2006)
1059
1060 17 Aug 2006; Christian Heim <phreak@gentoo.org>
1061 +hardened-sources-2.6.17.ebuild:
1062 Bumping the hardened-sources-2.6 series to 2.6.17, using
1063 genpatches-2.6.17-6.base.
1064
1065 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1066 - stable on x86 and amd64
1067
1068 *hardened-sources-2.6.16-r11 (15 Jul 2006)
1069
1070 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1071 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1072 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1073 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1074 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1075 crusty ebuilds
1076
1077 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1078 hardened-sources-2.6.16-r10.ebuild:
1079 marking stable on x86 and amd64
1080
1081 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1082 - 2.4.32-r6 stable on x86. RSBAC state unknown
1083
1084 *hardened-sources-2.4.32-r7 (10 Jul 2006)
1085
1086 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1087 +hardened-sources-2.4.32-r7.ebuild:
1088 Bump PaX for RSBAC to test-17
1089
1090 *hardened-sources-2.6.16-r9 (03 Jul 2006)
1091
1092 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1093 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1094 hardened-sources-2.6.16 bump to latest -base.
1095
1096 *hardened-sources-2.4.32-r6 (30 Jun 2006)
1097
1098 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1099 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1100 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1101 sysctl controlable resource logging
1102
1103 *hardened-sources-2.6.16-r7 (05 Jun 2006)
1104
1105 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1106 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1107 push new 2.6.16 release in preparation for stable
1108
1109 22 May 2006; <solar@gentoo.org> :
1110 - redigest bug 134002
1111
1112 *hardened-sources-2.4.32-r5 (16 May 2006)
1113
1114 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1115 +hardened-sources-2.4.32-r5.ebuild:
1116 Fixes rsbac common patching (new patch in new -r5 patchset)
1117
1118 *hardened-sources-2.4.32-r4 (13 May 2006)
1119
1120 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1121 +hardened-sources-2.4.32-r4.ebuild:
1122 - security bumps
1123
1124 *hardened-sources-2.6.16-r6 (03 May 2006)
1125
1126 03 May 2006; John Mylchreest <johnm@gentoo.org>
1127 +hardened-sources-2.6.16-r6.ebuild:
1128 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1129
1130 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1131 hardened-sources-2.6.14-r8.ebuild:
1132 fix x86_64 build problem, this will delay the digest issue again for a short
1133 while but it will sort itself out
1134
1135 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1136 hardened-sources-2.6.14-r8.ebuild:
1137 bump hardened patchset
1138
1139 27 Apr 2006; Alec Warner <antarus@gentoo.org>
1140 files/digest-hardened-sources-2.4.32-r2,
1141 files/digest-hardened-sources-2.4.32-r3,
1142 files/digest-hardened-sources-2.6.14-r8, Manifest:
1143 Fixing duff SHA256 digests: Bug # 131293
1144
1145 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1146
1147 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1148 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1149 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1150 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1151 cleanup of old uneccessary sources
1152
1153 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1154 fix digest
1155
1156 *hardened-sources-2.6.14-r8 (20 Apr 2006)
1157
1158 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1159 +hardened-sources-2.6.14-r8.ebuild:
1160 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1161
1162 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1163 Turning on gpg-signing again, and recomitting
1164
1165 *hardened-sources-2.6.16-r4 (20 Apr 2006)
1166
1167 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1168 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1169 +hardened-sources-2.6.16-r4.ebuild:
1170 Fix numerous security vulns
1171
1172 *hardened-sources-2.4.32-r3 (16 Apr 2006)
1173
1174 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1175 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1176 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1177 - security bump for bug #112791. Removed old ebuilds
1178
1179 *hardened-sources-2.6.16-r3 (15 Apr 2006)
1180
1181 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1182 +hardened-sources-2.6.16-r3.ebuild:
1183 Removing silly localversion which I missed
1184
1185 *hardened-sources-2.6.14-r7 (14 Apr 2006)
1186
1187 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1188 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1189 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1190
1191 *hardened-sources-2.6.16-r2 (13 Apr 2006)
1192
1193 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1194 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1195 +hardened-sources-2.6.16-r2.ebuild:
1196 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1197 labels, dropping USERGROUP define fixes, since these were merged mainstream.
1198
1199 *hardened-sources-2.6.16-r1 (11 Apr 2006)
1200
1201 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1202 +hardened-sources-2.6.16-r1.ebuild:
1203 Bumping to include ppc build fix and 2.6.16.3
1204
1205 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1206 hardened-sources-2.6.14-r6.ebuild:
1207 Stable on x86; bug #127718
1208
1209 *hardened-sources-2.6.16 (31 Mar 2006)
1210
1211 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1212 +hardened-sources-2.6.16.ebuild:
1213 Bumping to new version of grsec, and kernel base. New squashfs. Based on
1214 2.6.16.1
1215
1216 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1217 hardened-sources-2.6.14-r6.ebuild:
1218 Stable on amd64, bug 127718.
1219
1220 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1221 Stable on ppc. Bug #127718
1222
1223 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1224 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1225 -hardened-sources-2.6.14-r4.ebuild:
1226 Cleanup.
1227
1228 *hardened-sources-2.6.14-r6 (15 Mar 2006)
1229
1230 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1231 +hardened-sources-2.6.14-r6.ebuild:
1232 Fixes grsec policy recreation bug and adds a
1233 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1234
1235 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1236 - stable on x86
1237
1238 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1239 hardened-sources-2.6.14-r5.ebuild:
1240 Stable on ppc.
1241
1242 *hardened-sources-2.6.14-r5 (01 Feb 2006)
1243
1244 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1245 +hardened-sources-2.6.14-r5.ebuild:
1246 fixing every known exploit
1247
1248 *hardened-sources-2.4.32-r2 (26 Jan 2006)
1249
1250 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1251 +hardened-sources-2.4.32-r2.ebuild:
1252 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1253
1254 *hardened-sources-2.6.14-r4 (12 Jan 2006)
1255
1256 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1257 - version bump for new genpatches which fix up a few sec holes
1258
1259 *hardened-sources-2.4.32-r1 (05 Jan 2006)
1260
1261 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1262 - revision bump to add misc vital linux kernel security patches.
1263
1264 *hardened-sources-2.6.14-r3 (30 Dec 2005)
1265
1266 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1267 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1268 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1269
1270 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1271 hardened-sources-2.6.14-r2.ebuild:
1272 making x86 & amd64 stable following testing.
1273
1274 *hardened-sources-2.6.14-r2 (27 Dec 2005)
1275
1276 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1277 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1278 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1279 network hooks.
1280
1281 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1282 hardened-sources-2.6.14-r1.ebuild:
1283 bumping to stable early for sec fix on x86 & amd64
1284
1285 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1286
1287 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1288 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1289 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1290
1291 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1292 - stable on x86 security bug #114227 CAN-2005-3257
1293
1294 *hardened-sources-2.4.32 (19 Nov 2005)
1295
1296 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1297 +hardened-sources-2.4.32.ebuild:
1298 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1299 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1300 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1301 rsbac >> /etc/portage/package.use)
1302
1303 *hardened-sources-2.6.14 (14 Nov 2005)
1304
1305 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1306 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1307 Bumping 2.6 series to 2.6.14.2
1308
1309 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1310
1311 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1312 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1313 +hardened-sources-2.6.13-r2.ebuild:
1314 Fixes minor build error in ppc.
1315
1316 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1317
1318 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1319 +hardened-sources-2.6.13-r1.ebuild:
1320 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1321 2.6.13.4, fixes some major amd64 stability problems.
1322
1323 *hardened-sources-2.6.13 (16 Sep 2005)
1324
1325 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1326 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1327 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1328 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1329 users should test this thoroughly.
1330
1331 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1332 - stable on x86
1333
1334 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1335
1336 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1337 +hardened-sources-2.6.11-r15.ebuild:
1338 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1339 grsec redefining curr_ip struct.
1340
1341 *hardened-sources-2.4.31 (20 Jun 2005)
1342
1343 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1344 initial import of 2.4.31 tree
1345
1346 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1347
1348 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1349 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1350 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1351 naming scheme to abide by genpatches
1352
1353 *hardened-sources-2.6.11-r13 (18 May 2005)
1354
1355 18 May 2005; John Mylchreest <johnm@gentoo.org>
1356 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1357 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1358 target. sorry about that. Fixes bug #93022
1359
1360 *hardened-sources-2.6.11-r12 (17 May 2005)
1361
1362 17 May 2005; John Mylchreest <johnm@gentoo.org>
1363 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1364 +hardened-sources-2.6.11-r12.ebuild:
1365 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1366 merges in genpatches-base
1367
1368 *hardened-sources-2.6.11-r12 (17 May 2005)
1369
1370 17 May 2005; John Mylchreest <johnm@gentoo.org>
1371 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1372 +hardened-sources-2.6.11-r12.ebuild:
1373 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1374 merges in genpatches-base
1375
1376 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1377 -files/2.4.27-cmdline-race.patch,
1378 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1379 -files/2.4.28-grsec-binfmt_a.out.patch,
1380 -files/2.4.28-grsec-cmdline-race.patch,
1381 -files/2.4.28-selinux-binfmt_a.out.patch,
1382 -files/2.4.28-selinux-cmdline-race.patch,
1383 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1384 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1385 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1386 cleanup..
1387
1388 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1389
1390 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1391 - disable aout by default
1392
1393 *hardened-sources-2.4.30 (18 Apr 2005)
1394
1395 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1396 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1397 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1398 use
1399
1400 *hardened-sources-2.4.29 (30 Mar 2005)
1401
1402 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1403 +hardened-sources-2.4.29.ebuild:
1404 New hardened-patches-2.4-29.0 patchball.
1405 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1406
1407 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1408
1409 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1410 +hardened-sources-2.4.28-r5.ebuild:
1411 Added a fix for a PaX vulnerability.
1412
1413 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1414 hardened-sources-2.4.28-r4.ebuild:
1415 Stable on x86
1416
1417 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1418 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1419 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1420 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1421 - fixed/added RDEPEND= in all kernel-2 ebuilds
1422
1423 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1424
1425 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1426 +hardened-sources-2.4.28-r4.ebuild:
1427 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1428 backport of neighbour hash updates.
1429
1430 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1431 hardened-sources-2.4.28-r3.ebuild:
1432 Stable on x86
1433
1434 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1435
1436 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1437 +hardened-sources-2.6.10-r3.ebuild:
1438 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1439 in 2005.0
1440
1441 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1442 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1443 hardened-sources-2.4.28-r2.ebuild:
1444 Mark stable on x86
1445
1446 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1447
1448 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1449 +hardened-sources-2.4.28-r3.ebuild:
1450 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1451
1452 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1453 hardened-sources-2.4.28.ebuild:
1454 Mark stable on x86.
1455
1456 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1457
1458 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1459 +hardened-sources-2.4.28-r2.ebuild:
1460 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1461 Mazinger for grsecurity patches as well.
1462
1463 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1464
1465 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1466 Security bump. Thank tocharian for rolling a new patchset...
1467
1468 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1469 +files/2.4.28-grsec-cmdline-race.patch,
1470 +files/2.4.28-selinux-binfmt_a.out.patch,
1471 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1472 - Round up remaining security patches that appear to be missing in 2.4.28. -
1473 PaX standalone updated to current. hgpv=28.1
1474
1475 *hardened-sources-2.4.28 (28 Nov 2004)
1476
1477 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1478 security bump. Thank tocharian for rolling a new patchset
1479
1480 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1481
1482 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1483 +hardened-sources-2.4.27-r3.ebuild:
1484 Applies the new 2.4-27.2 patchball which updates
1485 GRSecurity to the 2.0.1 version.
1486
1487 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1488
1489 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1490 +hardened-sources-2.4.27-r2.ebuild:
1491 Version bump.
1492 This version uses the new 2.4-27.1 patchball which updates
1493 both the SELinux PaX hooks patch and the SELinux headers.
1494
1495 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1496
1497 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1498 +hardened-sources-2.4.27-r1.ebuild,
1499 -hardened-sources-2.4.27.ebuild,
1500 +files/2.4.27-cmdline-race.patch:
1501 Version bump, fix for cmdline race. See bug #59905.
1502
1503 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1504
1505 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1506 +hardened-sources-2.4.26-r6.ebuild,
1507 -hardened-sources-2.4.26-r5.ebuild,
1508 -hardened-sources-2.4.26-r4.ebuild,
1509 +files/2.4.26-cmdline-race.patch:
1510 Version bump, fix for cmdline race. See bug #59905.
1511
1512 *hardened-sources-2.4.27 (08 Aug 2004)
1513
1514 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1515 +hardened-sources-2.4.27.ebuild,
1516 +files/2.4.27-CAN-2004-0394.patch:
1517 Ported the patchball to the 2.4.27 kernel version.
1518
1519 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1520
1521 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1522 +hardened-sources-2.4.26-r5.ebuild:
1523 Updated to use the new hardened-patches-2.4-26.1 patchball.
1524 It adds the following features:
1525 - Squashfs
1526 - Ebtables
1527 - Netdev random (core+drivers)
1528 - Watchdog Timer (WDT) fix.
1529
1530 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1531
1532 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1533 +hardened-sources-2.4.26-r4.ebuild,
1534 +files/2.4.26-CAN-2004-0415.patch,
1535 -hardened-sources-2.4.26-3:
1536 Version bump, fix for CAN 0415, see bug #59378.
1537
1538 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1539
1540 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1541 +hardened-sources-2.4.26-r3.ebuild,
1542 +files/2.4.26-CAN-2004-0497.patch,
1543 -hardened-sources-2.4.26-r2.ebuild:
1544 Version bump, fixed CAN 0497, see bug #56171.
1545
1546 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1547
1548 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1549 +hardened-sources-2.4.26-r2.ebuild,
1550 +files/2.4.26-CAN-2004-0495.patch,
1551 +files/2.4.26-CAN-2004-0535.patch,
1552 -hardened-sources-2.4.26-r1.ebuild:
1553 Fixes for both CAN 0495 and 0535, see bug #54976
1554
1555 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1556 hardened-sources-2.4.26-r1.ebuild:
1557 QA - fix use invocation
1558
1559 *hardened-sources-2.4.26-r1 (22 June 2004)
1560
1561 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1562 +hardened-sources-2.4.26-r1.ebuild,
1563 +files/2.4.26-CAN-2004-0394.patch,
1564 +files/2.4.26-signal-race.patch,
1565 -hardened-sources-2.4.26.ebuild,
1566 -hardened-sources-2.4.24-r3.ebuild:
1567 Version bump for the CAN-2004-0394 issue and bug #53804
1568 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1569
1570
1571 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1572 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1573 Masked hardened-sources-2.4.26.ebuild broken for ppc
1574
1575 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1576 hardened-sources-2.4.24-r3.ebuild:
1577 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1578
1579 *hardened-sources-2.4.26 (29 May 2004)
1580
1581 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1582 +hardened-sources-2.4.26.ebuild:
1583 Updated hardened-sources for the 2.4.26 kernel
1584 Removed broken components, updated almost everything.
1585
1586 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1587
1588 17 Apr 2004; <plasmaroo@gentoo.org>
1589 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1590 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1591 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1592 +hardened-sources-2.4.24-r3.ebuild:
1593 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1594 vulnerabilities. Old revisions removed.
1595
1596 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1597
1598 15 Apr 2004; <plasmaroo@gentoo.org>
1599 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1600 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1601 Version bump for the CAN-2004-0109 issue; bug #47881.
1602
1603 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1604 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1605 Add eutils to inherit.
1606
1607 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1608
1609 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1610 files/hardened-sources-2.4.24.munmap.patch:
1611 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1612
1613 *hardened-sources-2.4.24 (06 Feb 2004)
1614
1615 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1616 hardened-sources-2.4.24.ebuild:
1617 Version bump, updated most of the components.
1618 This release includes the following:
1619
1620 - Hardened security
1621 - Netfilter patch-o-matic 20031219
1622 - FreeSWAN 2.04 & x509 1.4.8
1623 - EVMS 2.2.2
1624 - XFS 1.3.1
1625 - cryptoloop jari
1626 - grsecurity 2.0-rc4
1627 - SELinux
1628 - PaX 200402060000
1629 - PaX Obscurity 200308302223
1630 - Others...
1631
1632 Neither -ck nor systrace are included anymore.
1633
1634 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1635
1636 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1637 hardened-sources-2.4.22-r2.ebuild:
1638 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1639
1640 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1641
1642 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1643 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1644
1645 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1646 hardened-sources-2.4.22-r1.ebuild:
1647 Version bump for the 'do_brk' vulnerability.
1648
1649 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1650 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1651 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1652 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1653 Fix the 'do_brk' vulnerability.
1654
1655 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1656 hardened-sources-2.4.22.ebuild:
1657 - Removed the src_install() portion for SELinux flask
1658 components. These are no longer handled in the kernel
1659 so this code was not necessary.
1660
1661 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1662 New 2.4.22 based hardened-sources thanks to
1663 Phil West <p.west@computer.org>.
1664
1665 These sources include:
1666 - New SELinux API
1667 - Updated CK-base
1668 - Updated GRSec
1669 - Systrace
1670 - SuperFreeS/WAN 1.99.8
1671 - Propolice kernel build support
1672 - EVMS
1673 - Other various security related patches
1674
1675 *hardened-sources-2.4.21 (14 Sep 2003)
1676
1677 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1678 Updated hardened-sources based on the 2.4.21 Linux kernel.
1679 This includes updates to most major components such as:
1680 - ck-base-0306300059
1681 - selinux-2.4-2003071106
1682 - grsecurity-2.0-rc1
1683 - Updated IPTables patch-o-matic
1684 - Updated SuperFreeS/WAN
1685
1686 Thanks to Phil West <pwest@computer.org> for his work in getting this
1687 updated patch set ready for the 2.4.21 based kernel.
1688
1689 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1690 Initial import of hardened-sources-2.4.20-r4. This revision
1691 includes only a few changes, but one of these is an important
1692 security fix. It is recommended all users of hardened-sources
1693 upgrade to this release.
1694
1695 - ioperm bug fix
1696 - fixed compilation failure when building without GRSec
1697
1698 SAL (Secure Auditing for Linux) is NOT included in this revision
1699 due to time constraints, but is planned for inclusion in the near
1700 future.
1701
1702 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1703
1704 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1705 hardened-sources-2.4.20-r3.ebuild:
1706 Add Header...
1707
1708 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1709 hardened-sources-2.4.20-r3.ebuild:
1710 Removed warnings from ebuild. This kernel should be safe to
1711 use at this point.
1712
1713 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1714
1715 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1716 hardened-sources-2.4.20-r3.ebuild:
1717 New revision. Includes the following changes over -r2:
1718
1719 - ck7-base (O(1), preempt, low latency)
1720 - Super FreeS/WAN 1.99.7rc2
1721 - PaX for the LSM/SELinux branch
1722 - GRSecurity 2.0-pre4 (role based access control)
1723 - Systrace 1.3
1724 - EXT3 fixes
1725 - EVMS 2.0.1
1726 - GCC 3.1+ compile optimizations
1727 - ProPolice kernel build support
1728 - Hashing table security fixes
1729
1730 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1731
1732 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1733 Initial import of hardened-sources-r2. This new
1734 ebuild includes many new performance and security
1735 related patches. As in -r1, it will patch in
1736 LSM/SELinux if "selinux" is in USE, otherwise it
1737 will patch in GRSecurity. The following patches
1738 are included in this revision:
1739
1740 - O(1) Scheduler, Low Latency, and Preempt
1741 (pulled from the base CK patch)
1742 - ptrace exploit patch for the LSM kernel
1743 (the GRSec patch already fixes this)
1744 - LSM 2.4-2003040709
1745 - SELinux 2.4-2003040709
1746 - Systrace v1.2
1747 - IPTables patch-o-matic base patches - 20030107
1748 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1749 - Super FreeS/WAN 1.99.6.1
1750 - GRSecurity 1.9.9g
1751 - MPPE
1752 - EXT3 data journal fix
1753 - CIPE 1.5.4
1754
1755 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1756 hardened-sources-2.4.20-r1.ebuild, manifest:
1757 Updated to install flask components correctly for selinux.
1758
1759 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1760 hardened-sources-2.4.20-r1.ebuild:
1761 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1762 is patched in instead. Ptrace patches for selinux have also been added. In
1763 either case, systrace support will be patched in as well.
1764
1765 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1766 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1767 Revision bump for new sources.
1768
1769 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1770 hardened-sources-2.4.20-r1.ebuild:
1771 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1772
1773 *hardened-sources-2.4.20 (30 Mar 2003)
1774
1775 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1776 hardened-sources-2.4.20.ebuild:
1777 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20