/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.308 - (show annotations) (download)
Mon May 25 02:31:57 2009 UTC (5 years, 3 months ago) by gengor
Branch: MAIN
Changes since 1.307: +7 -1 lines
Fix x86-32 boot failure (regression vs. 2.6.28-r7).
(Portage version: 2.1.6.11/cvs/Linux i686)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.307 2009/05/18 01:02:24 gengor Exp $
4
5 *hardened-sources-2.6.28-r9 (25 May 2009)
6
7 25 May 2009; Gordon Malm <gengor@gentoo.org>
8 -hardened-sources-2.6.28-r8.ebuild, +hardened-sources-2.6.28-r9.ebuild:
9 Fix x86-32 boot failure (regression vs. 2.6.28-r7).
10
11 *hardened-sources-2.6.28-r8 (18 May 2009)
12
13 18 May 2009; Gordon Malm <gengor@gentoo.org>
14 +hardened-sources-2.6.28-r8.ebuild:
15 Bump to Linux 2.6.28.10, latest genpatches, PaX updates. Fixes bug #256067
16 and #262862 among others.
17
18 01 May 2009; Gordon Malm <gengor@gentoo.org>
19 hardened-sources-2.6.25-r13.ebuild, hardened-sources-2.6.26-r9.ebuild,
20 hardened-sources-2.6.28-r6.ebuild, hardened-sources-2.6.28-r7.ebuild:
21 Remove unnecessary mirror://gentoo from SRC_URI.
22
23 05 Apr 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r7.ebuild:
24 ppc stable
25
26 30 Mar 2009; Gordon Malm <gengor@gentoo.org>
27 -hardened-sources-2.6.28-r4.ebuild, hardened-sources-2.6.28-r7.ebuild:
28 Stable amd64/x86 and remove old.
29
30 *hardened-sources-2.6.28-r7 (27 Mar 2009)
31
32 27 Mar 2009; Gordon Malm <gengor@gentoo.org>
33 +hardened-sources-2.6.28-r7.ebuild:
34 Add Linux 2.6.28.9. Fix bugs 263424, 263870.
35
36 22 Mar 2009; Gordon Malm <gengor@gentoo.org>
37 -hardened-sources-2.6.27-r7.ebuild, -hardened-sources-2.6.27-r8.ebuild,
38 -hardened-sources-2.6.28-r1.ebuild, -hardened-sources-2.6.28-r2.ebuild,
39 -hardened-sources-2.6.28-r3.ebuild, hardened-sources-2.6.28-r6.ebuild:
40 Stable amd64/x86 and remove old versions.
41
42 22 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r6.ebuild:
43 ppc stable
44
45 *hardened-sources-2.6.28-r6 (21 Mar 2009)
46
47 21 Mar 2009; Gordon Malm <gengor@gentoo.org>
48 -hardened-sources-2.6.28-r5.ebuild, +hardened-sources-2.6.28-r6.ebuild:
49 Minor fix to ensure RTC is properly selected when GRKERNSEC_IO is enabled.
50
51 *hardened-sources-2.6.28-r5 (20 Mar 2009)
52
53 20 Mar 2009; Gordon Malm <gengor@gentoo.org>
54 +hardened-sources-2.6.28-r5.ebuild:
55 Bump genpatches. Grsecurity patch bump, fixes bug #262752.
56
57 20 Mar 2009; Gordon Malm <gengor@gentoo.org>
58 hardened-sources-2.6.28-r4.ebuild:
59 Stable amd64/x86.
60
61 *hardened-sources-2.6.28-r4 (18 Mar 2009)
62
63 18 Mar 2009; Gordon Malm <gengor@gentoo.org>
64 +hardened-sources-2.6.28-r4.ebuild:
65 Bump to Linux 2.6.28.8. PaX update fixes oops in SANITIZE feature,
66 compilation with CPA_DEBUG and more.
67
68 17 Mar 2009; Gordon Malm <gengor@gentoo.org>
69 hardened-sources-2.6.28-r3.ebuild:
70 Quick stable amd64/x86.
71
72 *hardened-sources-2.6.28-r3 (15 Mar 2009)
73
74 15 Mar 2009; Gordon Malm <gengor@gentoo.org>
75 +hardened-sources-2.6.28-r3.ebuild:
76 Adds latest PaX changes fixing some boot issues, ext4 fixes for bug #262507.
77
78 14 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.28-r2.ebuild:
79 ppc stable
80
81 13 Mar 2009; Gordon Malm <gengor@gentoo.org>
82 hardened-sources-2.6.28-r2.ebuild:
83 Stable amd64/x86.
84
85 *hardened-sources-2.6.28-r2 (11 Mar 2009)
86
87 11 Mar 2009; Gordon Malm <gengor@gentoo.org>
88 +hardened-sources-2.6.28-r2.ebuild:
89 Version bump bringing in latest grsecurity patch.
90
91 *hardened-sources-2.6.28-r1 (09 Mar 2009)
92
93 09 Mar 2009; Gordon Malm <gengor@gentoo.org>
94 -hardened-sources-2.6.28.ebuild, +hardened-sources-2.6.28-r1.ebuild:
95 Version bump and remove old.
96
97 07 Mar 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.27-r8.ebuild:
98 ppc stable
99
100 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
101 hardened-sources-2.6.27-r8.ebuild:
102 Remove amd64 testing keyword, bug 256226.
103
104 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
105 hardened-sources-2.6.27-r8.ebuild:
106 Revert amd64 stable, bug #256226.
107
108 01 Mar 2009; Gordon Malm <gengor@gentoo.org>
109 hardened-sources-2.6.27-r8.ebuild:
110 Stable on amd64/x86.
111
112 24 Feb 2009; Gordon Malm <gengor@gentoo.org>
113 -hardened-sources-2.6.27-r6.ebuild:
114 Remove old 2.6.27 release.
115
116 *hardened-sources-2.6.27-r8 (24 Feb 2009)
117
118 24 Feb 2009; Gordon Malm <gengor@gentoo.org>
119 +hardened-sources-2.6.27-r8.ebuild:
120 Bump to latest genpatches, Linux 2.6.27.19, PaX updates. Fixes bug #256067
121 and probably more.
122
123 04 Feb 2009; nixnut <nixnut@gentoo.org> hardened-sources-2.6.26-r9.ebuild:
124 ppc stable
125
126 *hardened-sources-2.6.28 (25 Jan 2009)
127
128 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
129 +hardened-sources-2.6.28.ebuild:
130 Initial 2.6.28 release.
131
132 *hardened-sources-2.6.27-r7 (25 Jan 2009)
133
134 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
135 +hardened-sources-2.6.27-r7.ebuild:
136 Bump to Linux 2.6.27.13.
137
138 25 Jan 2009; Gordon Malm <gengor@gentoo.org>
139 hardened-sources-2.6.26-r9.ebuild:
140 Stable amd64/x86.
141
142 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
143 -hardened-sources-2.6.27-r3.ebuild, -hardened-sources-2.6.27-r4.ebuild,
144 -hardened-sources-2.6.27-r5.ebuild:
145 Remove problem versions.
146
147 *hardened-sources-2.6.27-r6 (24 Jan 2009)
148
149 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
150 +hardened-sources-2.6.27-r6.ebuild:
151 Revert PaX test29 to test30 changes. Fixes bug 256226.
152
153 *hardened-sources-2.6.27-r5 (24 Jan 2009)
154
155 24 Jan 2009; Gordon Malm <gengor@gentoo.org>
156 +hardened-sources-2.6.27-r5.ebuild:
157 Bump to genpatches-10 (includes Linux 2.6.27.{11,12}) and fix bugs 253733,
158 254843.
159
160 23 Jan 2009; Gordon Malm <gengor@gentoo.org>
161 -hardened-sources-2.6.25-r11.ebuild, -hardened-sources-2.6.25-r12.ebuild,
162 -hardened-sources-2.6.26-r7.ebuild, -hardened-sources-2.6.26-r8.ebuild:
163 Remove problem versions.
164
165 23 Jan 2009; nixnut <nixnut@gentoo.org>
166 hardened-sources-2.6.25-r13.ebuild:
167 ppc stable
168
169 21 Jan 2009; Gordon Malm <gengor@gentoo.org>
170 hardened-sources-2.6.25-r13.ebuild:
171 Fasttrack stable amd64/x86.
172
173 *hardened-sources-2.6.26-r9 (21 Jan 2009)
174
175 21 Jan 2009; Gordon Malm <gengor@gentoo.org>
176 +hardened-sources-2.6.26-r9.ebuild:
177 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
178
179 *hardened-sources-2.6.25-r13 (20 Jan 2009)
180
181 20 Jan 2009; Gordon Malm <gengor@gentoo.org>
182 +hardened-sources-2.6.25-r13.ebuild:
183 Revert RLIMIT_STACK false-positives-avoidance patch. Bugs 253733, 254843
184
185 20 Jan 2009; nixnut <nixnut@gentoo.org>
186 hardened-sources-2.6.25-r12.ebuild:
187 ppc stable
188
189 17 Jan 2009; Gordon Malm <gengor@gentoo.org>
190 hardened-sources-2.6.25-r12.ebuild:
191 Stable amd64/x86.
192
193 14 Jan 2009; Gordon Malm <gengor@gentoo.org>
194 -hardened-sources-2.6.25-r10.ebuild, -hardened-sources-2.6.26-r6.ebuild,
195 -hardened-sources-2.6.27-r2.ebuild:
196 Clean out old versions.
197
198 *hardened-sources-2.6.27-r4 (14 Jan 2009)
199 *hardened-sources-2.6.26-r8 (14 Jan 2009)
200 *hardened-sources-2.6.25-r12 (14 Jan 2009)
201
202 14 Jan 2009; Gordon Malm <gengor@gentoo.org>
203 +hardened-sources-2.6.25-r12.ebuild, +hardened-sources-2.6.26-r8.ebuild,
204 +hardened-sources-2.6.27-r4.ebuild:
205 2.6.25-r12: Fixes bugs #249729, #250548, #252688, #254907
206 2.6.26-r8: Fixes bugs #249729, #250548, #252688, #254907
207 2.6.27-r4: Update to latest genpatches (includes Linux 2.6.27.10) and
208 grsecurity patch. Fixes bugs #249729, #250511, #250548, #252688, #254907
209
210 15 Dec 2008; nixnut <nixnut@gentoo.org>
211 hardened-sources-2.6.25-r11.ebuild:
212 Stable on ppc
213
214 09 Dec 2008; Gordon Malm <gengor@gentoo.org>
215 hardened-sources-2.6.25-r11.ebuild:
216 Stable amd64/x86.
217
218 *hardened-sources-2.6.27-r3 (07 Dec 2008)
219
220 07 Dec 2008; Gordon Malm <gengor@gentoo.org>
221 +hardened-sources-2.6.27-r3.ebuild:
222 Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
223 Fixes bug #248754, #249729 and #246607.
224
225 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
226 -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
227 Remove old versions.
228
229 *hardened-sources-2.6.26-r7 (03 Dec 2008)
230 *hardened-sources-2.6.25-r11 (03 Dec 2008)
231
232 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
233 +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
234 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
235 2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
236 Both include many backports from 2.6.27.{6,7} -stable releases.
237
238 24 Nov 2008; Gordon Malm <gengor@gentoo.org>
239 -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
240 Remove versions broken on ARCHes != x86/amd64.
241
242 *hardened-sources-2.6.27-r2 (24 Nov 2008)
243
244 24 Nov 2008; Gordon Malm <gengor@gentoo.org>
245 +hardened-sources-2.6.27-r2.ebuild:
246 Bump to Linux 2.6.27.7 and latest grsecurity patch.
247
248 19 Nov 2008; Gordon Malm <gengor@gentoo.org>
249 -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
250 Remove old versions.
251
252 19 Nov 2008; Gordon Malm <gengor@gentoo.org>
253 hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
254 Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
255
256 16 Nov 2008; nixnut <nixnut@gentoo.org>
257 hardened-sources-2.6.25-r10.ebuild:
258 Stable on ppc
259
260 15 Nov 2008; Gordon Malm <gengor@gentoo.org>
261 hardened-sources-2.6.25-r10.ebuild:
262 Stable amd64/x86.
263
264 *hardened-sources-2.6.26-r6 (12 Nov 2008)
265
266 12 Nov 2008; Gordon Malm <gengor@gentoo.org>
267 +hardened-sources-2.6.26-r6.ebuild:
268 Bump to Linux 2.6.26.8 and fix security bug #245650.
269
270 *hardened-sources-2.6.25-r10 (12 Nov 2008)
271
272 12 Nov 2008; Gordon Malm <gengor@gentoo.org>
273 +hardened-sources-2.6.25-r10.ebuild:
274 Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
275
276 *hardened-sources-2.6.27-r1 (09 Nov 2008)
277
278 09 Nov 2008; Gordon Malm <gengor@gentoo.org>
279 +hardened-sources-2.6.27-r1.ebuild:
280 Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
281
282 *hardened-sources-2.6.27 (04 Nov 2008)
283
284 04 Nov 2008; Gordon Malm <gengor@gentoo.org>
285 +hardened-sources-2.6.27.ebuild:
286 Initial 2.6.27 release.
287
288 *hardened-sources-2.6.26-r5 (03 Nov 2008)
289
290 03 Nov 2008; Gordon Malm <gengor@gentoo.org>
291 -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
292 +hardened-sources-2.6.26-r5.ebuild:
293 2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
294 Clean out some old versions.
295
296 02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
297 Stable on ppc
298
299 30 Oct 2008; Gordon Malm <gengor@gentoo.org>
300 hardened-sources-2.6.25-r9.ebuild:
301 Stable on amd64/x86.
302
303 *hardened-sources-2.6.25-r9 (26 Oct 2008)
304
305 26 Oct 2008; Gordon Malm <gengor@gentoo.org>
306 +hardened-sources-2.6.25-r9.ebuild:
307 Update to Linux 2.6.25.19
308
309 15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
310 Stable on ppc
311
312 *hardened-sources-2.6.26-r4 (14 Oct 2008)
313
314 14 Oct 2008; Gordon Malm <gengor@gentoo.org>
315 -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
316 Update to latest grsecurity patch, fixing building of non-modular kernels.
317
318 *hardened-sources-2.6.26-r3 (12 Oct 2008)
319
320 12 Oct 2008; Gordon Malm <gengor@gentoo.org>
321 hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
322 +hardened-sources-2.6.26-r3.ebuild:
323 2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
324 2.6.26-r1: Removed.
325 2.6.25-r8: Stable amd64/x86.
326
327 *hardened-sources-2.6.25-r8 (09 Oct 2008)
328
329 09 Oct 2008; Gordon Malm <gengor@gentoo.org>
330 -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
331 -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
332 Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
333
334 20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
335 Stable on ppc
336
337 17 Sep 2008; Gordon Malm <gengor@gentoo.org>
338 hardened-sources-2.6.25-r7.ebuild:
339 Stable amd64/x86.
340
341 *hardened-sources-2.6.26-r2 (13 Sep 2008)
342
343 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
344 -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
345 2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
346 PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
347
348 *hardened-sources-2.6.25-r7 (13 Sep 2008)
349
350 13 Sep 2008; Gordon Malm <gengor@gentoo.org>
351 +hardened-sources-2.6.25-r7.ebuild:
352 Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
353
354 10 Sep 2008; Gordon Malm <gengor@gentoo.org>
355 hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
356 hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
357 hardened-sources-2.6.26-r1.ebuild:
358 Update DESCRIPTION and HGPV_URI.
359
360 *hardened-sources-2.6.25-r6 (09 Sep 2008)
361
362 09 Sep 2008; Gordon Malm <gengor@gentoo.org>
363 -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
364 2.6.25-r6: Update to Linux 2.6.25.17.
365 2.6.24-r3: Removed.
366
367 08 Sep 2008; Gordon Malm <gengor@gentoo.org>
368 hardened-sources-2.6.25-r5.ebuild:
369 Stable on amd64/x86
370
371 07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
372 Update my email address.
373
374 31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
375 stable on ppc
376
377 *hardened-sources-2.6.26-r1 (23 Aug 2008)
378 *hardened-sources-2.6.25-r5 (23 Aug 2008)
379
380 23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
381 -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
382 hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
383 +hardened-sources-2.6.26-r1.ebuild:
384 Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
385 security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
386 fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
387 Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
388 (gengor).
389
390 *hardened-sources-2.6.26 (18 Aug 2008)
391 *hardened-sources-2.6.25-r4 (18 Aug 2008)
392
393 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
394 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
395 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
396 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
397 2.6.25-r2: Removed.
398
399 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
400 Remove phreak from metadata.xml (#96398)
401
402 *hardened-sources-2.6.25-r3 (31 Jul 2008)
403
404 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
405 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
406 +hardened-sources-2.6.25-r3.ebuild:
407 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
408 fixes, including security bug #231750.
409
410 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
411 Stable on ppc
412
413 *hardened-sources-2.6.25-r2 (05 Jul 2008)
414
415 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
416 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
417 +hardened-sources-2.6.25-r2.ebuild:
418 2.6.23-r4: Stable x86/amd64
419 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
420 2.6.23-r{11,12}: Removed due to multiple vulns.
421 (gengor & kerframil)
422
423 04 Jul 2008; nixnut <nixnut@gentoo.org>
424 hardened-sources-2.6.23-r13.ebuild:
425 Stable on ppc
426
427 *hardened-sources-2.6.25-r1 (30 Jun 2008)
428
429 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
430 +hardened-sources-2.6.25-r1.ebuild:
431 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
432 grsecurity release. 2.6.23-r13: x86/amd64 stable
433
434 *hardened-sources-2.6.25 (17 Jun 2008)
435 *hardened-sources-2.6.24-r3 (17 Jun 2008)
436 *hardened-sources-2.6.23-r13 (17 Jun 2008)
437
438 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
439 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
440 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
441 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
442 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
443 2.6.25: Initial 2.6.25 release.
444
445 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
446 - fasttrack to stable x86/amd64
447
448 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
449 Fix broken digest for linux-2.6.24.tar.bz2.
450
451 *hardened-sources-2.6.24-r2 (11 May 2008)
452 *hardened-sources-2.6.23-r12 (11 May 2008)
453
454 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
455 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
456 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
457 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
458 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
459 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
460 security bugs 219901, 220691, 220975, 220979, 221123. New
461 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
462 should be removed as far as I'm concerned, everything else remove due to
463 vulnerable to numerous security bugs or brokeness.
464
465 10 May 2008; nixnut <nixnut@gentoo.org>
466 hardened-sources-2.6.23-r11.ebuild:
467 Stable on ppc
468
469 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
470 - -r11 stable on x86/amd64
471
472 *hardened-sources-2.6.23-r11 (01 May 2008)
473
474 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
475 - version bump to fix ulgy linux bugs
476
477 *hardened-sources-2.6.24-r1 (30 Apr 2008)
478
479 30 Apr 2008; Christian Heim <phreak@gentoo.org>
480 +hardened-sources-2.6.24-r1.ebuild:
481 Revision bump (thanks to Kerin and Gordon, again), pulling
482 genpatches-2.6.24-7, solving #219089. Additionally contains further security
483 fixes plus some minor updates.
484
485 *hardened-sources-2.6.23-r10 (30 Apr 2008)
486
487 30 Apr 2008; Christian Heim <phreak@gentoo.org>
488 +hardened-sources-2.6.23-r10.ebuild:
489 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
490 Additional contains "various other fixes".
491
492 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
493 Update the longdescription in metadata, thanks to Gordon Malm.
494
495 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
496 Stable on ppc wrt bug #213255
497
498 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
499 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
500 - stable on x86/amd64 per request. Removed obsolete ebuilds
501
502 *hardened-sources-2.6.24 (07 Apr 2008)
503
504 07 Apr 2008; Christian Heim <phreak@gentoo.org>
505 +hardened-sources-2.6.24.ebuild:
506 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
507 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
508 for the many contributions and their continued effort in #216612) based on
509 2.6.24 and genpatches-2.6.24-5.
510
511 The current ebuild/patchset contains these things:
512 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
513 * Introduces bespoke server and workstation oriented security levels
514 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
515
516 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
517 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
518 maintaining it).
519
520 24 Mar 2008; Christian Heim <phreak@gentoo.org>
521 hardened-sources-2.4.35-r2.ebuild:
522 Fixing SRC_URI for 2.4.35-r2.
523
524 *hardened-sources-2.6.23-r9 (22 Mar 2008)
525
526 22 Mar 2008; Christian Heim <phreak@gentoo.org>
527 +hardened-sources-2.6.23-r9.ebuild:
528 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
529 * Change the default GIDs for some grsecurity options
530 * Revamp the Hardened [Gentoo] security level and make it the default level
531 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
532 * Fix a recursive lock -- call to capable() within ptrace_attach()
533 * Fix bug that allows audit and iscsi operations to be controlled via netlink
534
535 *hardened-sources-2.6.23-r8 (27 Feb 2008)
536
537 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
538 - version bump from Kerin Millar bug 210026
539
540 17 Feb 2008; <solar@gentoo.org> metadata.xml,
541 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
542 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
543 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
544 - stable on x86 and remove old ebuilds
545
546 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
547 - stable on amd64 per request of amd64 lead
548
549 *hardened-sources-2.6.23-r7 (11 Feb 2008)
550
551 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
552 - version bump from kerin.millar
553 Changes:
554
555 * Bump to genpatches-base-2.6.23-9
556 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
557 * Disables COMPAT_VDSO in x86/defconfig
558 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
559
560 25 Jan 2008; Christian Heim <phreak@gentoo.org>
561 -hardened-sources-2.6.22-r8.ebuild:
562 Cleaning up old versions.
563
564 *hardened-sources-2.6.23-r6 (25 Jan 2008)
565
566 25 Jan 2008; Christian Heim <phreak@gentoo.org>
567 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
568 Revision bump, pulling in the latest genpatches.
569
570 *hardened-sources-2.6.23-r5 (24 Dec 2007)
571
572 24 Dec 2007; Christian Heim <phreak@gentoo.org>
573 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
574 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
575 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
576 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
577
578 24 Dec 2007; Christian Heim <phreak@gentoo.org>
579 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
580 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
581 -hardened-sources-2.6.23-r3.ebuild:
582 Cleaning out some unused, old versions.
583
584 24 Dec 2007; Christian Heim <phreak@gentoo.org>
585 hardened-sources-2.6.23-r4.ebuild:
586 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
587 in the tree for long, but there isn't much of a difference between this and
588 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
589
590 *hardened-sources-2.6.23-r4 (23 Dec 2007)
591
592 23 Dec 2007; Christian Heim <phreak@gentoo.org>
593 +hardened-sources-2.6.23-r4.ebuild:
594 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
595
596 *hardened-sources-2.6.23-r3 (04 Dec 2007)
597
598 04 Dec 2007; Christian Heim <phreak@gentoo.org>
599 +hardened-sources-2.6.23-r3.ebuild:
600 Revision bump, pulling in 2.6.23.9.
601
602 *hardened-sources-2.6.23-r2 (25 Nov 2007)
603
604 25 Nov 2007; Christian Heim <phreak@gentoo.org>
605 +hardened-sources-2.6.23-r2.ebuild:
606 Updated patchset, thanks to solar.
607
608 *hardened-sources-2.6.23-r1 (31 Oct 2007)
609
610 31 Oct 2007; Christian Heim <phreak@gentoo.org>
611 +hardened-sources-2.6.23-r1.ebuild:
612 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
613
614 29 Oct 2007; <solar@gentoo.org> metadata.xml:
615 - update metadata.xml
616
617 25 Oct 2007; Christian Heim <phreak@gentoo.org>
618 hardened-sources-2.6.22-r8.ebuild:
619 Marking 2.6.22-r8 stable on amd64 and x86.
620
621 21 Oct 2007; Christian Heim <phreak@gentoo.org>
622 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
623 -hardened-sources-2.6.21-r4.ebuild:
624 Removing old ebuilds.
625
626 *hardened-sources-2.4.35-r2 (21 Oct 2007)
627
628 21 Oct 2007; Christian Heim <phreak@gentoo.org>
629 +hardened-sources-2.4.35-r2.ebuild:
630 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
631 patches.
632
633 *hardened-sources-2.6.22-r8 (21 Oct 2007)
634
635 21 Oct 2007; Christian Heim <phreak@gentoo.org>
636 +hardened-sources-2.6.22-r8.ebuild:
637 Yet another new patch, hopefully fixing the remaining issues we had w/
638 2.6.22. Candidate for stabling.
639
640 *hardened-sources-2.6.23 (13 Oct 2007)
641
642 13 Oct 2007; Christian Heim <phreak@gentoo.org>
643 +hardened-sources-2.6.23.ebuild:
644 Initial hardened-sources-2.6.23. If people still have problems w/ bug
645 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
646
647 11 Oct 2007; Christian Heim <phreak@gentoo.org>
648 hardened-sources-2.6.20-r10.ebuild:
649 Pulling in yet another new genpatches version, fixing the PWC bug for real.
650
651 04 Oct 2007; Christian Heim <phreak@gentoo.org>
652 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
653 Removing old versions.
654
655 *hardened-sources-2.6.22-r7 (01 Oct 2007)
656
657 01 Oct 2007; Christian Heim <phreak@gentoo.org>
658 +hardened-sources-2.6.22-r7.ebuild:
659 Revision bump, pulling in a newer patch. Should fix #194276.
660
661 30 Sep 2007; Christian Heim <phreak@gentoo.org>
662 hardened-sources-2.6.20-r10.ebuild:
663 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
664 Mike Doty).
665
666 *hardened-sources-2.6.22-r6 (26 Sep 2007)
667
668 26 Sep 2007; Christian Heim <phreak@gentoo.org>
669 +hardened-sources-2.6.22-r6.ebuild:
670 Revision bump, grabbing up till Linux 2.6.22.9.
671
672 24 Sep 2007; Christian Heim <phreak@gentoo.org>
673 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
674 Cleaning up further.
675
676 *hardened-sources-2.6.20-r10 (24 Sep 2007)
677
678 24 Sep 2007; Christian Heim <phreak@gentoo.org>
679 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
680 +hardened-sources-2.6.20-r10.ebuild:
681 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
682 revisions.
683
684 *hardened-sources-2.6.22-r5 (22 Sep 2007)
685
686 22 Sep 2007; Christian Heim <phreak@gentoo.org>
687 +hardened-sources-2.6.22-r5.ebuild:
688 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
689
690 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
691 Removing johnm from metadata.xml (see #186467 for reference).
692
693 *hardened-sources-2.6.22-r4 (17 Sep 2007)
694
695 17 Sep 2007; Christian Heim <phreak@gentoo.org>
696 +hardened-sources-2.6.22-r4.ebuild:
697 Revision bump, hopefully fixing all those weird PAX failures.
698
699 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
700 Updating the metadata.xml.
701
702 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
703 Removing tocharian from metadata due to his retirement (see #71718 for
704 reference).
705
706 *hardened-sources-2.6.20-r9 (30 Aug 2007)
707
708 30 Aug 2007; Christian Heim <phreak@gentoo.org>
709 +hardened-sources-2.6.20-r9.ebuild:
710 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
711
712 29 Aug 2007; Christian Heim <phreak@gentoo.org>
713 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
714 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
715 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
716 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
717 -hardened-sources-2.6.22-r2.ebuild:
718 Removing some redundant versions.
719
720 *hardened-sources-2.4.35-r1 (29 Aug 2007)
721
722 29 Aug 2007; Christian Heim <phreak@gentoo.org>
723 +hardened-sources-2.4.35-r1.ebuild:
724 Revision bump, new grsecurity patch.
725
726 *hardened-sources-2.6.20-r8 (26 Aug 2007)
727
728 26 Aug 2007; Christian Heim <phreak@gentoo.org>
729 +hardened-sources-2.6.20-r8.ebuild:
730 Revision bump for Linux 2.6.20.17.
731
732 *hardened-sources-2.6.22-r3 (22 Aug 2007)
733
734 22 Aug 2007; Christian Heim <phreak@gentoo.org>
735 +hardened-sources-2.6.22-r3.ebuild:
736 Revision bump for Linux 2.6.22.4.
737
738 16 Aug 2007; Christian Heim <phreak@gentoo.org>
739 hardened-sources-2.6.22-r2.ebuild:
740 Updated patchset, to fix the alignment against 2.6.22.3.
741
742 *hardened-sources-2.6.22-r2 (16 Aug 2007)
743
744 16 Aug 2007; Christian Heim <phreak@gentoo.org>
745 +hardened-sources-2.6.22-r2.ebuild:
746 Revision bump for Linux 2.6.22.3.
747
748 *hardened-sources-2.4.35 (16 Aug 2007)
749
750 16 Aug 2007; Christian Heim <phreak@gentoo.org>
751 +hardened-sources-2.4.35.ebuild:
752 Version bump, initial version for Linux 2.4.35.
753
754 *hardened-sources-2.6.21-r4 (16 Aug 2007)
755
756 16 Aug 2007; Christian Heim <phreak@gentoo.org>
757 +hardened-sources-2.6.21-r4.ebuild:
758 Revision bump for Linux 2.6.21.6.
759
760 *hardened-sources-2.6.20-r7 (16 Aug 2007)
761
762 16 Aug 2007; Christian Heim <phreak@gentoo.org>
763 +hardened-sources-2.6.20-r7.ebuild:
764 Revision bump for Linux 2.6.20.16.
765
766 *hardened-sources-2.6.22-r1 (13 Aug 2007)
767
768 13 Aug 2007; Christian Heim <phreak@gentoo.org>
769 +hardened-sources-2.6.22-r1.ebuild:
770 Yet another revision bump.
771
772 *hardened-sources-2.6.22 (10 Aug 2007)
773
774 10 Aug 2007; Christian Heim <phreak@gentoo.org>
775 +hardened-sources-2.6.22.ebuild:
776 Initial release for 2.6.22. If you are using hardened-sources on a desktop
777 machine (P4 or newer), be aware you might need to disable
778 CONFIG_PAX_PAGEEXEC.
779
780 04 Aug 2007; Christian Heim <phreak@gentoo.org>
781 hardened-sources-2.6.20-r6.ebuild:
782 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
783 2.6.20.15.
784
785 10 Jul 2007; Christian Heim <phreak@gentoo.org>
786 hardened-sources-2.6.20-r5.ebuild:
787 Marking hardened-sources-2.6.20-r5 stable on ppc.
788
789 10 Jul 2007; Christian Heim <phreak@gentoo.org>
790 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
791 Cleanup.
792
793 *hardened-sources-2.6.20-r6 (08 Jul 2007)
794
795 08 Jul 2007; Christian Heim <phreak@gentoo.org>
796 +hardened-sources-2.6.20-r6.ebuild:
797 Revision bump, grabbing yet another stable release.
798
799 17 Jun 2007; Christian Heim <phreak@gentoo.org>
800 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
801 -hardened-sources-2.6.21-r2.ebuild:
802 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
803 alpha stable KEYWORD by mistake.
804
805 17 Jun 2007; Christian Heim <phreak@gentoo.org>
806 hardened-sources-2.6.20-r5.ebuild:
807 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
808 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
809
810 *hardened-sources-2.6.21-r3 (12 Jun 2007)
811
812 12 Jun 2007; Christian Heim <phreak@gentoo.org>
813 +hardened-sources-2.6.21-r3.ebuild:
814 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
815 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
816 love.
817
818 *hardened-sources-2.6.20-r5 (11 Jun 2007)
819
820 11 Jun 2007; Christian Heim <phreak@gentoo.org>
821 +hardened-sources-2.6.20-r5.ebuild:
822 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
823 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
824 love.
825
826 *hardened-sources-2.4.34.5 (11 Jun 2007)
827
828 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
829 +hardened-sources-2.4.34.5.ebuild:
830 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
831
832 30 May 2007; Christian Heim <phreak@gentoo.org>
833 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
834 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
835 stale ebuild(s).
836
837 30 May 2007; Christian Heim <phreak@gentoo.org>
838 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
839 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
840 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
841 Doing some cleanups, remove stale ebuilds.
842
843 26 May 2007; Christian Heim <phreak@gentoo.org>
844 hardened-sources-2.6.21-r2.ebuild:
845 Fixing the grsecurity patch, had one '};' too much.
846
847 *hardened-sources-2.6.21-r2 (26 May 2007)
848
849 26 May 2007; Christian Heim <phreak@gentoo.org>
850 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
851 +hardened-sources-2.6.21-r2.ebuild:
852 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
853 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
854
855 *hardened-sources-2.6.20-r4 (26 May 2007)
856
857 26 May 2007; Christian Heim <phreak@gentoo.org>
858 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
859 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
860 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
861
862 15 May 2007; Christian Heim <phreak@gentoo.org>
863 hardened-sources-2.6.20-r3.ebuild:
864 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
865 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
866 grsecurity patch fail in that exact same hunk.
867
868 *hardened-sources-2.6.20-r3 (15 May 2007)
869
870 15 May 2007; Christian Heim <phreak@gentoo.org>
871 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
872 Revision bump, incorporating Linux 2.6.20.11.
873
874 *hardened-sources-2.6.21-r1 (11 May 2007)
875
876 11 May 2007; Christian Heim <phreak@gentoo.org>
877 +hardened-sources-2.6.21-r1.ebuild:
878 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
879 mentioned in #177234.
880
881 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
882 files/digest-hardened-sources-2.6.21, Manifest:
883 Fix Manifest/digest for linux-2.6.21.tar.bz2
884
885 06 May 2007; Christian Heim <phreak@gentoo.org>
886 hardened-sources-2.6.21.ebuild:
887 Bumping the hardened-patches version, needed for the fix for #177234.
888
889 *hardened-sources-2.6.21 (02 May 2007)
890
891 02 May 2007; Christian Heim <phreak@gentoo.org>
892 +hardened-sources-2.6.21.ebuild:
893 Version bump, Linux 2.6.21-hardened.
894
895 29 Apr 2007; Christian Heim <phreak@gentoo.org>
896 hardened-sources-2.6.20-r2.ebuild:
897 Adding ~ia64 on Ned's request.
898
899 29 Apr 2007; Christian Heim <phreak@gentoo.org>
900 hardened-sources-2.6.20-r2.ebuild:
901 Fixing the included grsecurity patch, wasn't alligning due to the Index:
902 header line(s).
903
904 29 Apr 2007; Christian Heim <phreak@gentoo.org>
905 hardened-sources-2.6.20-r2.ebuild:
906 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
907
908 *hardened-sources-2.6.20-r2 (10 Apr 2007)
909
910 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
911 +hardened-sources-2.6.20-r2.ebuild:
912 Version bump, on behalf of phreak
913
914 *hardened-sources-2.6.20-r1 (04 Apr 2007)
915
916 04 Apr 2007; Christian Heim <phreak@gentoo.org>
917 +hardened-sources-2.6.20-r1.ebuild:
918 Revision bump, grabbing a newer grsecurity snapshot.
919
920 *hardened-sources-2.6.20 (25 Mar 2007)
921
922 25 Mar 2007; Christian Heim <phreak@gentoo.org>
923 +hardened-sources-2.6.20.ebuild:
924 Finally a hardened-sources version for 2.6.20; many people have been waiting
925 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
926 testbox.
927
928 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
929 hardened-sources-2.6.18-r6.ebuild:
930 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
931
932 *hardened-sources-2.6.18-r6 (16 Mar 2007)
933
934 16 Mar 2007; Christian Heim <phreak@gentoo.org>
935 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
936 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
937 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
938 supposed to be.
939
940 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
941 Fixing the Manifest, the previous one was broken (as in still had the
942 deleted ebuild in it).
943
944 06 Mar 2007; Christian Heim <phreak@gentoo.org>
945 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
946 +hardened-sources-2.6.18-r5.ebuild:
947 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
948 Linux 2.6.18.8. Also cleaning up the older version.
949
950 *hardened-sources-2.6.18-r5 (06 Mar 2007)
951
952 06 Mar 2007; Christian Heim <phreak@gentoo.org>
953 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
954 +hardened-sources-2.6.18-r5.ebuild:
955 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
956 Linux 2.6.18.8. Also cleaning up the older version.
957
958 24 Feb 2007; Christian Heim <phreak@gentoo.org>
959 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
960 -hardened-sources-2.6.19-r5.ebuild:
961 Removing some of the old version, that didn't work.
962
963 *hardened-sources-2.6.19-r6 (12 Feb 2007)
964
965 12 Feb 2007; Christian Heim <phreak@gentoo.org>
966 +hardened-sources-2.6.19-r6.ebuild:
967 Revision bump, including a new grsec version fixing #166235.
968
969 *hardened-sources-2.4.34 (24 Jan 2007)
970
971 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
972 Manifest:
973 updating Manifest with checksums of new tarball and ebuild
974
975 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
976 +hardened-sources-2.4.34.ebuild:
977 I added new hardened sources 2.4 update, this is a critical path
978 security bugfix - all users of h-s are strongly advised
979 to update their existing hardened sources to this version.
980 It contains a fix for a kernel vulnerability that is pertaining
981 to the PaX changes to virtual memory management, possibly leading
982 to a local kernel exploit ... see grsecurity.net forums and homepage
983
984 23 Jan 2007; Christian Heim <phreak@gentoo.org>
985 files/digest-hardened-sources-2.6.19-r5, Manifest:
986 Fixing the patch-tarball digest.
987
988 *hardened-sources-2.6.19-r5 (23 Jan 2007)
989
990 23 Jan 2007; Christian Heim <phreak@gentoo.org>
991 +hardened-sources-2.6.19-r5.ebuild:
992 Revision bump, closing the recently discovered PaX expand_stack()
993 vulnerability.
994
995 *hardened-sources-2.6.19-r4 (14 Jan 2007)
996
997 14 Jan 2007; Christian Heim <phreak@gentoo.org>
998 +hardened-sources-2.6.19-r4.ebuild:
999 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
1000 dropping the randomized PID feature.
1001
1002 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
1003 hardened-sources-2.4.33.4.ebuild:
1004 stable x86, bug #161171
1005
1006 *hardened-sources-2.6.19-r3 (27 Dec 2006)
1007
1008 27 Dec 2006; Christian Heim <phreak@gentoo.org>
1009 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
1010 Revision bump for bug #157186 and #158786.
1011
1012 *hardened-sources-2.6.18-r4 (27 Dec 2006)
1013
1014 27 Dec 2006; Christian Heim <phreak@gentoo.org>
1015 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
1016 Revision bump for bug #157186.
1017
1018 *hardened-sources-2.6.19-r2 (23 Dec 2006)
1019
1020 23 Dec 2006; Christian Heim <phreak@gentoo.org>
1021 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
1022 Revision bump to pull in genpatches-2.6.19-3 for #157186.
1023
1024 17 Dec 2006; Christian Heim <phreak@gentoo.org>
1025 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
1026 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
1027 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
1028 hardened-sources-2.6.19-r1.ebuild:
1029 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
1030 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
1031
1032 *hardened-sources-2.4.33.4 (17 Dec 2006)
1033
1034 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
1035 +hardened-sources-2.4.33.4.ebuild:
1036 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
1037 and quilting
1038
1039 *hardened-sources-2.6.19-r1 (14 Dec 2006)
1040
1041 14 Dec 2006; Christian Heim <phreak@gentoo.org>
1042 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
1043 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
1044 for reporting).
1045
1046 *hardened-sources-2.6.19 (13 Dec 2006)
1047
1048 13 Dec 2006; Christian Heim <phreak@gentoo.org>
1049 +hardened-sources-2.6.19.ebuild:
1050 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
1051 Brad for providing that prompt update.
1052
1053 *hardened-sources-2.6.18-r3 (13 Dec 2006)
1054
1055 13 Dec 2006; Christian Heim <phreak@gentoo.org>
1056 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
1057 +hardened-sources-2.6.18-r3.ebuild:
1058 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
1059 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
1060
1061 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
1062 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
1063
1064 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
1065 Stable on ppc wrt bug 157356
1066
1067 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
1068 hardened-sources-2.6.18.ebuild:
1069 stable x86, bug #157356
1070
1071 *hardened-sources-2.6.18-r2 (06 Dec 2006)
1072
1073 06 Dec 2006; Christian Heim <phreak@gentoo.org>
1074 +hardened-sources-2.6.18-r2.ebuild:
1075 Revision bump, including 2.6.18.5 (via genpatches) and
1076 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
1077 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
1078 redesign.
1079
1080 06 Dec 2006; Christian Heim <phreak@gentoo.org>
1081 hardened-sources-2.6.18.ebuild:
1082 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
1083 of Mike Doty).
1084
1085 *hardened-sources-2.6.18-r1 (23 Nov 2006)
1086
1087 23 Nov 2006; Christian Heim <phreak@gentoo.org>
1088 +hardened-sources-2.6.18-r1.ebuild:
1089 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
1090
1091 *hardened-sources-2.6.18 (11 Nov 2006)
1092
1093 11 Nov 2006; Christian Heim <phreak@gentoo.org>
1094 +hardened-sources-2.6.18.ebuild:
1095 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
1096
1097 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1098 - mark amd64 stable also. bug #151877
1099
1100 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
1101 - mark 2.6.17-r1 stable
1102
1103 27 Aug 2006; Christian Heim <phreak@gentoo.org>
1104 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
1105 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
1106
1107 *hardened-sources-2.6.17-r1 (26 Aug 2006)
1108
1109 26 Aug 2006; Christian Heim <phreak@gentoo.org>
1110 +hardened-sources-2.6.17-r1.ebuild:
1111 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
1112 grsecurity patch.
1113
1114 *hardened-sources-2.6.17 (17 Aug 2006)
1115
1116 17 Aug 2006; Christian Heim <phreak@gentoo.org>
1117 +hardened-sources-2.6.17.ebuild:
1118 Bumping the hardened-sources-2.6 series to 2.6.17, using
1119 genpatches-2.6.17-6.base.
1120
1121 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
1122 - stable on x86 and amd64
1123
1124 *hardened-sources-2.6.16-r11 (15 Jul 2006)
1125
1126 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
1127 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
1128 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
1129 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
1130 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
1131 crusty ebuilds
1132
1133 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
1134 hardened-sources-2.6.16-r10.ebuild:
1135 marking stable on x86 and amd64
1136
1137 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
1138 - 2.4.32-r6 stable on x86. RSBAC state unknown
1139
1140 *hardened-sources-2.4.32-r7 (10 Jul 2006)
1141
1142 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
1143 +hardened-sources-2.4.32-r7.ebuild:
1144 Bump PaX for RSBAC to test-17
1145
1146 *hardened-sources-2.6.16-r9 (03 Jul 2006)
1147
1148 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
1149 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
1150 hardened-sources-2.6.16 bump to latest -base.
1151
1152 *hardened-sources-2.4.32-r6 (30 Jun 2006)
1153
1154 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
1155 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
1156 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
1157 sysctl controlable resource logging
1158
1159 *hardened-sources-2.6.16-r7 (05 Jun 2006)
1160
1161 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
1162 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
1163 push new 2.6.16 release in preparation for stable
1164
1165 22 May 2006; <solar@gentoo.org> :
1166 - redigest bug 134002
1167
1168 *hardened-sources-2.4.32-r5 (16 May 2006)
1169
1170 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
1171 +hardened-sources-2.4.32-r5.ebuild:
1172 Fixes rsbac common patching (new patch in new -r5 patchset)
1173
1174 *hardened-sources-2.4.32-r4 (13 May 2006)
1175
1176 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
1177 +hardened-sources-2.4.32-r4.ebuild:
1178 - security bumps
1179
1180 *hardened-sources-2.6.16-r6 (03 May 2006)
1181
1182 03 May 2006; John Mylchreest <johnm@gentoo.org>
1183 +hardened-sources-2.6.16-r6.ebuild:
1184 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
1185
1186 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1187 hardened-sources-2.6.14-r8.ebuild:
1188 fix x86_64 build problem, this will delay the digest issue again for a short
1189 while but it will sort itself out
1190
1191 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
1192 hardened-sources-2.6.14-r8.ebuild:
1193 bump hardened patchset
1194
1195 27 Apr 2006; Alec Warner <antarus@gentoo.org>
1196 files/digest-hardened-sources-2.4.32-r2,
1197 files/digest-hardened-sources-2.4.32-r3,
1198 files/digest-hardened-sources-2.6.14-r8, Manifest:
1199 Fixing duff SHA256 digests: Bug # 131293
1200
1201 *hardened-sources-2.6.16-r5 (27 Apr 2006)
1202
1203 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
1204 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
1205 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
1206 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
1207 cleanup of old uneccessary sources
1208
1209 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1210 fix digest
1211
1212 *hardened-sources-2.6.14-r8 (20 Apr 2006)
1213
1214 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1215 +hardened-sources-2.6.14-r8.ebuild:
1216 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1217
1218 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1219 Turning on gpg-signing again, and recomitting
1220
1221 *hardened-sources-2.6.16-r4 (20 Apr 2006)
1222
1223 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1224 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1225 +hardened-sources-2.6.16-r4.ebuild:
1226 Fix numerous security vulns
1227
1228 *hardened-sources-2.4.32-r3 (16 Apr 2006)
1229
1230 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1231 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1232 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1233 - security bump for bug #112791. Removed old ebuilds
1234
1235 *hardened-sources-2.6.16-r3 (15 Apr 2006)
1236
1237 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1238 +hardened-sources-2.6.16-r3.ebuild:
1239 Removing silly localversion which I missed
1240
1241 *hardened-sources-2.6.14-r7 (14 Apr 2006)
1242
1243 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1244 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1245 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1246
1247 *hardened-sources-2.6.16-r2 (13 Apr 2006)
1248
1249 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1250 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1251 +hardened-sources-2.6.16-r2.ebuild:
1252 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1253 labels, dropping USERGROUP define fixes, since these were merged mainstream.
1254
1255 *hardened-sources-2.6.16-r1 (11 Apr 2006)
1256
1257 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1258 +hardened-sources-2.6.16-r1.ebuild:
1259 Bumping to include ppc build fix and 2.6.16.3
1260
1261 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1262 hardened-sources-2.6.14-r6.ebuild:
1263 Stable on x86; bug #127718
1264
1265 *hardened-sources-2.6.16 (31 Mar 2006)
1266
1267 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1268 +hardened-sources-2.6.16.ebuild:
1269 Bumping to new version of grsec, and kernel base. New squashfs. Based on
1270 2.6.16.1
1271
1272 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1273 hardened-sources-2.6.14-r6.ebuild:
1274 Stable on amd64, bug 127718.
1275
1276 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1277 Stable on ppc. Bug #127718
1278
1279 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1280 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1281 -hardened-sources-2.6.14-r4.ebuild:
1282 Cleanup.
1283
1284 *hardened-sources-2.6.14-r6 (15 Mar 2006)
1285
1286 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1287 +hardened-sources-2.6.14-r6.ebuild:
1288 Fixes grsec policy recreation bug and adds a
1289 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1290
1291 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1292 - stable on x86
1293
1294 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1295 hardened-sources-2.6.14-r5.ebuild:
1296 Stable on ppc.
1297
1298 *hardened-sources-2.6.14-r5 (01 Feb 2006)
1299
1300 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1301 +hardened-sources-2.6.14-r5.ebuild:
1302 fixing every known exploit
1303
1304 *hardened-sources-2.4.32-r2 (26 Jan 2006)
1305
1306 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1307 +hardened-sources-2.4.32-r2.ebuild:
1308 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1309
1310 *hardened-sources-2.6.14-r4 (12 Jan 2006)
1311
1312 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1313 - version bump for new genpatches which fix up a few sec holes
1314
1315 *hardened-sources-2.4.32-r1 (05 Jan 2006)
1316
1317 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1318 - revision bump to add misc vital linux kernel security patches.
1319
1320 *hardened-sources-2.6.14-r3 (30 Dec 2005)
1321
1322 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1323 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1324 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1325
1326 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1327 hardened-sources-2.6.14-r2.ebuild:
1328 making x86 & amd64 stable following testing.
1329
1330 *hardened-sources-2.6.14-r2 (27 Dec 2005)
1331
1332 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1333 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1334 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1335 network hooks.
1336
1337 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1338 hardened-sources-2.6.14-r1.ebuild:
1339 bumping to stable early for sec fix on x86 & amd64
1340
1341 *hardened-sources-2.6.14-r1 (05 Dec 2005)
1342
1343 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1344 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1345 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1346
1347 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1348 - stable on x86 security bug #114227 CAN-2005-3257
1349
1350 *hardened-sources-2.4.32 (19 Nov 2005)
1351
1352 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1353 +hardened-sources-2.4.32.ebuild:
1354 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1355 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1356 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1357 rsbac >> /etc/portage/package.use)
1358
1359 *hardened-sources-2.6.14 (14 Nov 2005)
1360
1361 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1362 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1363 Bumping 2.6 series to 2.6.14.2
1364
1365 *hardened-sources-2.6.13-r2 (20 Oct 2005)
1366
1367 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1368 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1369 +hardened-sources-2.6.13-r2.ebuild:
1370 Fixes minor build error in ppc.
1371
1372 *hardened-sources-2.6.13-r1 (17 Oct 2005)
1373
1374 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1375 +hardened-sources-2.6.13-r1.ebuild:
1376 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1377 2.6.13.4, fixes some major amd64 stability problems.
1378
1379 *hardened-sources-2.6.13 (16 Sep 2005)
1380
1381 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1382 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1383 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1384 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1385 users should test this thoroughly.
1386
1387 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1388 - stable on x86
1389
1390 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1391
1392 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1393 +hardened-sources-2.6.11-r15.ebuild:
1394 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1395 grsec redefining curr_ip struct.
1396
1397 *hardened-sources-2.4.31 (20 Jun 2005)
1398
1399 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1400 initial import of 2.4.31 tree
1401
1402 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1403
1404 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1405 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1406 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1407 naming scheme to abide by genpatches
1408
1409 *hardened-sources-2.6.11-r13 (18 May 2005)
1410
1411 18 May 2005; John Mylchreest <johnm@gentoo.org>
1412 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1413 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1414 target. sorry about that. Fixes bug #93022
1415
1416 *hardened-sources-2.6.11-r12 (17 May 2005)
1417
1418 17 May 2005; John Mylchreest <johnm@gentoo.org>
1419 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1420 +hardened-sources-2.6.11-r12.ebuild:
1421 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1422 merges in genpatches-base
1423
1424 *hardened-sources-2.6.11-r12 (17 May 2005)
1425
1426 17 May 2005; John Mylchreest <johnm@gentoo.org>
1427 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1428 +hardened-sources-2.6.11-r12.ebuild:
1429 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1430 merges in genpatches-base
1431
1432 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1433 -files/2.4.27-cmdline-race.patch,
1434 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1435 -files/2.4.28-grsec-binfmt_a.out.patch,
1436 -files/2.4.28-grsec-cmdline-race.patch,
1437 -files/2.4.28-selinux-binfmt_a.out.patch,
1438 -files/2.4.28-selinux-cmdline-race.patch,
1439 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1440 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1441 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1442 cleanup..
1443
1444 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1445
1446 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1447 - disable aout by default
1448
1449 *hardened-sources-2.4.30 (18 Apr 2005)
1450
1451 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1452 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1453 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1454 use
1455
1456 *hardened-sources-2.4.29 (30 Mar 2005)
1457
1458 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1459 +hardened-sources-2.4.29.ebuild:
1460 New hardened-patches-2.4-29.0 patchball.
1461 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1462
1463 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1464
1465 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1466 +hardened-sources-2.4.28-r5.ebuild:
1467 Added a fix for a PaX vulnerability.
1468
1469 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1470 hardened-sources-2.4.28-r4.ebuild:
1471 Stable on x86
1472
1473 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1474 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1475 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1476 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1477 - fixed/added RDEPEND= in all kernel-2 ebuilds
1478
1479 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1480
1481 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1482 +hardened-sources-2.4.28-r4.ebuild:
1483 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1484 backport of neighbour hash updates.
1485
1486 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1487 hardened-sources-2.4.28-r3.ebuild:
1488 Stable on x86
1489
1490 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1491
1492 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1493 +hardened-sources-2.6.10-r3.ebuild:
1494 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1495 in 2005.0
1496
1497 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1498 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1499 hardened-sources-2.4.28-r2.ebuild:
1500 Mark stable on x86
1501
1502 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1503
1504 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1505 +hardened-sources-2.4.28-r3.ebuild:
1506 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1507
1508 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1509 hardened-sources-2.4.28.ebuild:
1510 Mark stable on x86.
1511
1512 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1513
1514 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1515 +hardened-sources-2.4.28-r2.ebuild:
1516 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1517 Mazinger for grsecurity patches as well.
1518
1519 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1520
1521 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1522 Security bump. Thank tocharian for rolling a new patchset...
1523
1524 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1525 +files/2.4.28-grsec-cmdline-race.patch,
1526 +files/2.4.28-selinux-binfmt_a.out.patch,
1527 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1528 - Round up remaining security patches that appear to be missing in 2.4.28. -
1529 PaX standalone updated to current. hgpv=28.1
1530
1531 *hardened-sources-2.4.28 (28 Nov 2004)
1532
1533 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1534 security bump. Thank tocharian for rolling a new patchset
1535
1536 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1537
1538 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1539 +hardened-sources-2.4.27-r3.ebuild:
1540 Applies the new 2.4-27.2 patchball which updates
1541 GRSecurity to the 2.0.1 version.
1542
1543 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1544
1545 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1546 +hardened-sources-2.4.27-r2.ebuild:
1547 Version bump.
1548 This version uses the new 2.4-27.1 patchball which updates
1549 both the SELinux PaX hooks patch and the SELinux headers.
1550
1551 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1552
1553 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1554 +hardened-sources-2.4.27-r1.ebuild,
1555 -hardened-sources-2.4.27.ebuild,
1556 +files/2.4.27-cmdline-race.patch:
1557 Version bump, fix for cmdline race. See bug #59905.
1558
1559 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1560
1561 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1562 +hardened-sources-2.4.26-r6.ebuild,
1563 -hardened-sources-2.4.26-r5.ebuild,
1564 -hardened-sources-2.4.26-r4.ebuild,
1565 +files/2.4.26-cmdline-race.patch:
1566 Version bump, fix for cmdline race. See bug #59905.
1567
1568 *hardened-sources-2.4.27 (08 Aug 2004)
1569
1570 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1571 +hardened-sources-2.4.27.ebuild,
1572 +files/2.4.27-CAN-2004-0394.patch:
1573 Ported the patchball to the 2.4.27 kernel version.
1574
1575 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1576
1577 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1578 +hardened-sources-2.4.26-r5.ebuild:
1579 Updated to use the new hardened-patches-2.4-26.1 patchball.
1580 It adds the following features:
1581 - Squashfs
1582 - Ebtables
1583 - Netdev random (core+drivers)
1584 - Watchdog Timer (WDT) fix.
1585
1586 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1587
1588 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1589 +hardened-sources-2.4.26-r4.ebuild,
1590 +files/2.4.26-CAN-2004-0415.patch,
1591 -hardened-sources-2.4.26-3:
1592 Version bump, fix for CAN 0415, see bug #59378.
1593
1594 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1595
1596 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1597 +hardened-sources-2.4.26-r3.ebuild,
1598 +files/2.4.26-CAN-2004-0497.patch,
1599 -hardened-sources-2.4.26-r2.ebuild:
1600 Version bump, fixed CAN 0497, see bug #56171.
1601
1602 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1603
1604 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1605 +hardened-sources-2.4.26-r2.ebuild,
1606 +files/2.4.26-CAN-2004-0495.patch,
1607 +files/2.4.26-CAN-2004-0535.patch,
1608 -hardened-sources-2.4.26-r1.ebuild:
1609 Fixes for both CAN 0495 and 0535, see bug #54976
1610
1611 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1612 hardened-sources-2.4.26-r1.ebuild:
1613 QA - fix use invocation
1614
1615 *hardened-sources-2.4.26-r1 (22 June 2004)
1616
1617 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1618 +hardened-sources-2.4.26-r1.ebuild,
1619 +files/2.4.26-CAN-2004-0394.patch,
1620 +files/2.4.26-signal-race.patch,
1621 -hardened-sources-2.4.26.ebuild,
1622 -hardened-sources-2.4.24-r3.ebuild:
1623 Version bump for the CAN-2004-0394 issue and bug #53804
1624 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1625
1626
1627 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1628 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1629 Masked hardened-sources-2.4.26.ebuild broken for ppc
1630
1631 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1632 hardened-sources-2.4.24-r3.ebuild:
1633 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1634
1635 *hardened-sources-2.4.26 (29 May 2004)
1636
1637 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1638 +hardened-sources-2.4.26.ebuild:
1639 Updated hardened-sources for the 2.4.26 kernel
1640 Removed broken components, updated almost everything.
1641
1642 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1643
1644 17 Apr 2004; <plasmaroo@gentoo.org>
1645 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1646 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1647 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1648 +hardened-sources-2.4.24-r3.ebuild:
1649 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1650 vulnerabilities. Old revisions removed.
1651
1652 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1653
1654 15 Apr 2004; <plasmaroo@gentoo.org>
1655 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1656 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1657 Version bump for the CAN-2004-0109 issue; bug #47881.
1658
1659 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1660 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1661 Add eutils to inherit.
1662
1663 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1664
1665 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1666 files/hardened-sources-2.4.24.munmap.patch:
1667 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1668
1669 *hardened-sources-2.4.24 (06 Feb 2004)
1670
1671 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1672 hardened-sources-2.4.24.ebuild:
1673 Version bump, updated most of the components.
1674 This release includes the following:
1675
1676 - Hardened security
1677 - Netfilter patch-o-matic 20031219
1678 - FreeSWAN 2.04 & x509 1.4.8
1679 - EVMS 2.2.2
1680 - XFS 1.3.1
1681 - cryptoloop jari
1682 - grsecurity 2.0-rc4
1683 - SELinux
1684 - PaX 200402060000
1685 - PaX Obscurity 200308302223
1686 - Others...
1687
1688 Neither -ck nor systrace are included anymore.
1689
1690 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1691
1692 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1693 hardened-sources-2.4.22-r2.ebuild:
1694 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1695
1696 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1697
1698 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1699 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1700
1701 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1702 hardened-sources-2.4.22-r1.ebuild:
1703 Version bump for the 'do_brk' vulnerability.
1704
1705 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1706 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1707 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1708 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1709 Fix the 'do_brk' vulnerability.
1710
1711 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1712 hardened-sources-2.4.22.ebuild:
1713 - Removed the src_install() portion for SELinux flask
1714 components. These are no longer handled in the kernel
1715 so this code was not necessary.
1716
1717 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1718 New 2.4.22 based hardened-sources thanks to
1719 Phil West <p.west@computer.org>.
1720
1721 These sources include:
1722 - New SELinux API
1723 - Updated CK-base
1724 - Updated GRSec
1725 - Systrace
1726 - SuperFreeS/WAN 1.99.8
1727 - Propolice kernel build support
1728 - EVMS
1729 - Other various security related patches
1730
1731 *hardened-sources-2.4.21 (14 Sep 2003)
1732
1733 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1734 Updated hardened-sources based on the 2.4.21 Linux kernel.
1735 This includes updates to most major components such as:
1736 - ck-base-0306300059
1737 - selinux-2.4-2003071106
1738 - grsecurity-2.0-rc1
1739 - Updated IPTables patch-o-matic
1740 - Updated SuperFreeS/WAN
1741
1742 Thanks to Phil West <pwest@computer.org> for his work in getting this
1743 updated patch set ready for the 2.4.21 based kernel.
1744
1745 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1746 Initial import of hardened-sources-2.4.20-r4. This revision
1747 includes only a few changes, but one of these is an important
1748 security fix. It is recommended all users of hardened-sources
1749 upgrade to this release.
1750
1751 - ioperm bug fix
1752 - fixed compilation failure when building without GRSec
1753
1754 SAL (Secure Auditing for Linux) is NOT included in this revision
1755 due to time constraints, but is planned for inclusion in the near
1756 future.
1757
1758 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1759
1760 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1761 hardened-sources-2.4.20-r3.ebuild:
1762 Add Header...
1763
1764 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1765 hardened-sources-2.4.20-r3.ebuild:
1766 Removed warnings from ebuild. This kernel should be safe to
1767 use at this point.
1768
1769 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1770
1771 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1772 hardened-sources-2.4.20-r3.ebuild:
1773 New revision. Includes the following changes over -r2:
1774
1775 - ck7-base (O(1), preempt, low latency)
1776 - Super FreeS/WAN 1.99.7rc2
1777 - PaX for the LSM/SELinux branch
1778 - GRSecurity 2.0-pre4 (role based access control)
1779 - Systrace 1.3
1780 - EXT3 fixes
1781 - EVMS 2.0.1
1782 - GCC 3.1+ compile optimizations
1783 - ProPolice kernel build support
1784 - Hashing table security fixes
1785
1786 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1787
1788 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1789 Initial import of hardened-sources-r2. This new
1790 ebuild includes many new performance and security
1791 related patches. As in -r1, it will patch in
1792 LSM/SELinux if "selinux" is in USE, otherwise it
1793 will patch in GRSecurity. The following patches
1794 are included in this revision:
1795
1796 - O(1) Scheduler, Low Latency, and Preempt
1797 (pulled from the base CK patch)
1798 - ptrace exploit patch for the LSM kernel
1799 (the GRSec patch already fixes this)
1800 - LSM 2.4-2003040709
1801 - SELinux 2.4-2003040709
1802 - Systrace v1.2
1803 - IPTables patch-o-matic base patches - 20030107
1804 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1805 - Super FreeS/WAN 1.99.6.1
1806 - GRSecurity 1.9.9g
1807 - MPPE
1808 - EXT3 data journal fix
1809 - CIPE 1.5.4
1810
1811 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1812 hardened-sources-2.4.20-r1.ebuild, manifest:
1813 Updated to install flask components correctly for selinux.
1814
1815 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1816 hardened-sources-2.4.20-r1.ebuild:
1817 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1818 is patched in instead. Ptrace patches for selinux have also been added. In
1819 either case, systrace support will be patched in as well.
1820
1821 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1822 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1823 Revision bump for new sources.
1824
1825 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1826 hardened-sources-2.4.20-r1.ebuild:
1827 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1828
1829 *hardened-sources-2.4.20 (30 Mar 2003)
1830
1831 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1832 hardened-sources-2.4.20.ebuild:
1833 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20