/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.189 - (hide annotations) (download)
Thu Oct 4 18:13:52 2007 UTC (7 years, 9 months ago) by phreak
Branch: MAIN
Changes since 1.188: +5 -1 lines
Removing old versions.
(Portage version: 2.1.3.9)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 opfer 1.130 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 phreak 1.189 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.188 2007/10/01 16:59:09 phreak Exp $
4    
5     04 Oct 2007; Christian Heim <phreak@gentoo.org>
6     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
7     Removing old versions.
8 phreak 1.188
9     *hardened-sources-2.6.22-r7 (01 Oct 2007)
10    
11     01 Oct 2007; Christian Heim <phreak@gentoo.org>
12     +hardened-sources-2.6.22-r7.ebuild:
13     Revision bump, pulling in a newer patch. Should fix #194276.
14 phreak 1.187
15     30 Sep 2007; Christian Heim <phreak@gentoo.org>
16     hardened-sources-2.6.20-r10.ebuild:
17     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
18     Mike Doty).
19 phreak 1.186
20     *hardened-sources-2.6.22-r6 (26 Sep 2007)
21    
22     26 Sep 2007; Christian Heim <phreak@gentoo.org>
23     +hardened-sources-2.6.22-r6.ebuild:
24     Revision bump, grabbing up till Linux 2.6.22.9.
25 phreak 1.185
26     24 Sep 2007; Christian Heim <phreak@gentoo.org>
27     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
28     Cleaning up further.
29 phreak 1.184
30     *hardened-sources-2.6.20-r10 (24 Sep 2007)
31    
32     24 Sep 2007; Christian Heim <phreak@gentoo.org>
33     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
34     +hardened-sources-2.6.20-r10.ebuild:
35     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
36     revisions.
37 phreak 1.183
38     *hardened-sources-2.6.22-r5 (22 Sep 2007)
39    
40     22 Sep 2007; Christian Heim <phreak@gentoo.org>
41     +hardened-sources-2.6.22-r5.ebuild:
42     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
43 phreak 1.182
44     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
45     Removing johnm from metadata.xml (see #186467 for reference).
46 phreak 1.181
47     *hardened-sources-2.6.22-r4 (17 Sep 2007)
48    
49     17 Sep 2007; Christian Heim <phreak@gentoo.org>
50     +hardened-sources-2.6.22-r4.ebuild:
51     Revision bump, hopefully fixing all those weird PAX failures.
52 phreak 1.180
53     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
54     Updating the metadata.xml.
55 phreak 1.179
56     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
57     Removing tocharian from metadata due to his retirement (see #71718 for
58     reference).
59 phreak 1.178
60     *hardened-sources-2.6.20-r9 (30 Aug 2007)
61    
62     30 Aug 2007; Christian Heim <phreak@gentoo.org>
63     +hardened-sources-2.6.20-r9.ebuild:
64     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
65 phreak 1.177
66     29 Aug 2007; Christian Heim <phreak@gentoo.org>
67     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
68     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
69     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
70     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
71     -hardened-sources-2.6.22-r2.ebuild:
72     Removing some redundant versions.
73 phreak 1.176
74     *hardened-sources-2.4.35-r1 (29 Aug 2007)
75    
76     29 Aug 2007; Christian Heim <phreak@gentoo.org>
77     +hardened-sources-2.4.35-r1.ebuild:
78     Revision bump, new grsecurity patch.
79 phreak 1.175
80     *hardened-sources-2.6.20-r8 (26 Aug 2007)
81    
82     26 Aug 2007; Christian Heim <phreak@gentoo.org>
83     +hardened-sources-2.6.20-r8.ebuild:
84     Revision bump for Linux 2.6.20.17.
85 phreak 1.174
86     *hardened-sources-2.6.22-r3 (22 Aug 2007)
87    
88     22 Aug 2007; Christian Heim <phreak@gentoo.org>
89     +hardened-sources-2.6.22-r3.ebuild:
90     Revision bump for Linux 2.6.22.4.
91 phreak 1.173
92     16 Aug 2007; Christian Heim <phreak@gentoo.org>
93     hardened-sources-2.6.22-r2.ebuild:
94     Updated patchset, to fix the alignment against 2.6.22.3.
95 phreak 1.172
96     *hardened-sources-2.6.22-r2 (16 Aug 2007)
97    
98     16 Aug 2007; Christian Heim <phreak@gentoo.org>
99     +hardened-sources-2.6.22-r2.ebuild:
100     Revision bump for Linux 2.6.22.3.
101 phreak 1.171
102     *hardened-sources-2.4.35 (16 Aug 2007)
103    
104     16 Aug 2007; Christian Heim <phreak@gentoo.org>
105     +hardened-sources-2.4.35.ebuild:
106     Version bump, initial version for Linux 2.4.35.
107 phreak 1.170
108     *hardened-sources-2.6.21-r4 (16 Aug 2007)
109    
110     16 Aug 2007; Christian Heim <phreak@gentoo.org>
111     +hardened-sources-2.6.21-r4.ebuild:
112     Revision bump for Linux 2.6.21.6.
113 phreak 1.169
114     *hardened-sources-2.6.20-r7 (16 Aug 2007)
115    
116     16 Aug 2007; Christian Heim <phreak@gentoo.org>
117     +hardened-sources-2.6.20-r7.ebuild:
118     Revision bump for Linux 2.6.20.16.
119 phreak 1.168
120     *hardened-sources-2.6.22-r1 (13 Aug 2007)
121    
122     13 Aug 2007; Christian Heim <phreak@gentoo.org>
123     +hardened-sources-2.6.22-r1.ebuild:
124     Yet another revision bump.
125 phreak 1.167
126     *hardened-sources-2.6.22 (10 Aug 2007)
127    
128     10 Aug 2007; Christian Heim <phreak@gentoo.org>
129     +hardened-sources-2.6.22.ebuild:
130     Initial release for 2.6.22. If you are using hardened-sources on a desktop
131     machine (P4 or newer), be aware you might need to disable
132     CONFIG_PAX_PAGEEXEC.
133 phreak 1.166
134     04 Aug 2007; Christian Heim <phreak@gentoo.org>
135     hardened-sources-2.6.20-r6.ebuild:
136     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
137     2.6.20.15.
138 phreak 1.165
139     10 Jul 2007; Christian Heim <phreak@gentoo.org>
140     hardened-sources-2.6.20-r5.ebuild:
141     Marking hardened-sources-2.6.20-r5 stable on ppc.
142 phreak 1.164
143     10 Jul 2007; Christian Heim <phreak@gentoo.org>
144     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
145     Cleanup.
146 phreak 1.163
147     *hardened-sources-2.6.20-r6 (08 Jul 2007)
148    
149     08 Jul 2007; Christian Heim <phreak@gentoo.org>
150     +hardened-sources-2.6.20-r6.ebuild:
151     Revision bump, grabbing yet another stable release.
152 phreak 1.162
153     17 Jun 2007; Christian Heim <phreak@gentoo.org>
154     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
155     -hardened-sources-2.6.21-r2.ebuild:
156     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
157     alpha stable KEYWORD by mistake.
158 phreak 1.161
159     17 Jun 2007; Christian Heim <phreak@gentoo.org>
160     hardened-sources-2.6.20-r5.ebuild:
161     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
162     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
163 phreak 1.160
164     *hardened-sources-2.6.21-r3 (12 Jun 2007)
165    
166     12 Jun 2007; Christian Heim <phreak@gentoo.org>
167     +hardened-sources-2.6.21-r3.ebuild:
168     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
169     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
170     love.
171 phreak 1.159
172     *hardened-sources-2.6.20-r5 (11 Jun 2007)
173    
174     11 Jun 2007; Christian Heim <phreak@gentoo.org>
175     +hardened-sources-2.6.20-r5.ebuild:
176     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
177     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
178     love.
179 pappy 1.158
180     *hardened-sources-2.4.34.5 (11 Jun 2007)
181    
182     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
183     +hardened-sources-2.4.34.5.ebuild:
184     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
185 phreak 1.157
186     30 May 2007; Christian Heim <phreak@gentoo.org>
187     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
188     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
189     stale ebuild(s).
190 phreak 1.156
191     30 May 2007; Christian Heim <phreak@gentoo.org>
192     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
193     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
194     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
195     Doing some cleanups, remove stale ebuilds.
196 phreak 1.155
197     26 May 2007; Christian Heim <phreak@gentoo.org>
198     hardened-sources-2.6.21-r2.ebuild:
199     Fixing the grsecurity patch, had one '};' too much.
200 phreak 1.154
201     *hardened-sources-2.6.21-r2 (26 May 2007)
202    
203     26 May 2007; Christian Heim <phreak@gentoo.org>
204     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
205     +hardened-sources-2.6.21-r2.ebuild:
206     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
207     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
208 phreak 1.153
209     *hardened-sources-2.6.20-r4 (26 May 2007)
210    
211     26 May 2007; Christian Heim <phreak@gentoo.org>
212     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
213     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
214 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
215 phreak 1.152
216     15 May 2007; Christian Heim <phreak@gentoo.org>
217     hardened-sources-2.6.20-r3.ebuild:
218     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
219     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
220     grsecurity patch fail in that exact same hunk.
221 phreak 1.151
222     *hardened-sources-2.6.20-r3 (15 May 2007)
223    
224     15 May 2007; Christian Heim <phreak@gentoo.org>
225     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
226     Revision bump, incorporating Linux 2.6.20.11.
227    
228     *hardened-sources-2.6.21-r1 (11 May 2007)
229    
230     11 May 2007; Christian Heim <phreak@gentoo.org>
231     +hardened-sources-2.6.21-r1.ebuild:
232     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
233     mentioned in #177234.
234 kevquinn 1.150
235     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
236     files/digest-hardened-sources-2.6.21, Manifest:
237     Fix Manifest/digest for linux-2.6.21.tar.bz2
238 phreak 1.149
239     06 May 2007; Christian Heim <phreak@gentoo.org>
240     hardened-sources-2.6.21.ebuild:
241     Bumping the hardened-patches version, needed for the fix for #177234.
242 phreak 1.148
243     *hardened-sources-2.6.21 (02 May 2007)
244    
245     02 May 2007; Christian Heim <phreak@gentoo.org>
246     +hardened-sources-2.6.21.ebuild:
247     Version bump, Linux 2.6.21-hardened.
248 phreak 1.147
249     29 Apr 2007; Christian Heim <phreak@gentoo.org>
250     hardened-sources-2.6.20-r2.ebuild:
251     Adding ~ia64 on Ned's request.
252 phreak 1.146
253     29 Apr 2007; Christian Heim <phreak@gentoo.org>
254     hardened-sources-2.6.20-r2.ebuild:
255     Fixing the included grsecurity patch, wasn't alligning due to the Index:
256     header line(s).
257 phreak 1.145
258     29 Apr 2007; Christian Heim <phreak@gentoo.org>
259     hardened-sources-2.6.20-r2.ebuild:
260     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
261 armin76 1.144
262     *hardened-sources-2.6.20-r2 (10 Apr 2007)
263    
264     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
265     +hardened-sources-2.6.20-r2.ebuild:
266     Version bump, on behalf of phreak
267 phreak 1.143
268     *hardened-sources-2.6.20-r1 (04 Apr 2007)
269    
270     04 Apr 2007; Christian Heim <phreak@gentoo.org>
271     +hardened-sources-2.6.20-r1.ebuild:
272     Revision bump, grabbing a newer grsecurity snapshot.
273 phreak 1.142
274     *hardened-sources-2.6.20 (25 Mar 2007)
275    
276     25 Mar 2007; Christian Heim <phreak@gentoo.org>
277     +hardened-sources-2.6.20.ebuild:
278     Finally a hardened-sources version for 2.6.20; many people have been waiting
279     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
280     testbox.
281 chainsaw 1.141
282     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
283     hardened-sources-2.6.18-r6.ebuild:
284     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
285 phreak 1.140
286     *hardened-sources-2.6.18-r6 (16 Mar 2007)
287    
288     16 Mar 2007; Christian Heim <phreak@gentoo.org>
289     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
290     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
291     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
292     supposed to be.
293 phreak 1.139
294     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
295     Fixing the Manifest, the previous one was broken (as in still had the
296     deleted ebuild in it).
297 phreak 1.138
298     06 Mar 2007; Christian Heim <phreak@gentoo.org>
299     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
300     +hardened-sources-2.6.18-r5.ebuild:
301     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
302     Linux 2.6.18.8. Also cleaning up the older version.
303    
304     *hardened-sources-2.6.18-r5 (06 Mar 2007)
305    
306     06 Mar 2007; Christian Heim <phreak@gentoo.org>
307     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
308     +hardened-sources-2.6.18-r5.ebuild:
309     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
310     Linux 2.6.18.8. Also cleaning up the older version.
311 phreak 1.137
312     24 Feb 2007; Christian Heim <phreak@gentoo.org>
313     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
314     -hardened-sources-2.6.19-r5.ebuild:
315     Removing some of the old version, that didn't work.
316 phreak 1.136
317     *hardened-sources-2.6.19-r6 (12 Feb 2007)
318    
319     12 Feb 2007; Christian Heim <phreak@gentoo.org>
320     +hardened-sources-2.6.19-r6.ebuild:
321     Revision bump, including a new grsec version fixing #166235.
322 pappy 1.134
323     *hardened-sources-2.4.34 (24 Jan 2007)
324    
325     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
326 pappy 1.135 Manifest:
327     updating Manifest with checksums of new tarball and ebuild
328    
329     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
330 pappy 1.134 +hardened-sources-2.4.34.ebuild:
331     I added new hardened sources 2.4 update, this is a critical path
332     security bugfix - all users of h-s are strongly advised
333     to update their existing hardened sources to this version.
334     It contains a fix for a kernel vulnerability that is pertaining
335     to the PaX changes to virtual memory management, possibly leading
336     to a local kernel exploit ... see grsecurity.net forums and homepage
337 phreak 1.133
338     23 Jan 2007; Christian Heim <phreak@gentoo.org>
339     files/digest-hardened-sources-2.6.19-r5, Manifest:
340     Fixing the patch-tarball digest.
341 phreak 1.132
342     *hardened-sources-2.6.19-r5 (23 Jan 2007)
343    
344     23 Jan 2007; Christian Heim <phreak@gentoo.org>
345     +hardened-sources-2.6.19-r5.ebuild:
346     Revision bump, closing the recently discovered PaX expand_stack()
347     vulnerability.
348 phreak 1.131
349     *hardened-sources-2.6.19-r4 (14 Jan 2007)
350    
351     14 Jan 2007; Christian Heim <phreak@gentoo.org>
352     +hardened-sources-2.6.19-r4.ebuild:
353     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
354     dropping the randomized PID feature.
355 opfer 1.130
356     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
357     hardened-sources-2.4.33.4.ebuild:
358     stable x86, bug #161171
359 phreak 1.129
360     *hardened-sources-2.6.19-r3 (27 Dec 2006)
361    
362     27 Dec 2006; Christian Heim <phreak@gentoo.org>
363     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
364     Revision bump for bug #157186 and #158786.
365 phreak 1.128
366     *hardened-sources-2.6.18-r4 (27 Dec 2006)
367    
368     27 Dec 2006; Christian Heim <phreak@gentoo.org>
369     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
370     Revision bump for bug #157186.
371 phreak 1.127
372     *hardened-sources-2.6.19-r2 (23 Dec 2006)
373    
374     23 Dec 2006; Christian Heim <phreak@gentoo.org>
375     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
376     Revision bump to pull in genpatches-2.6.19-3 for #157186.
377 phreak 1.126
378     17 Dec 2006; Christian Heim <phreak@gentoo.org>
379     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
380     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
381     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
382     hardened-sources-2.6.19-r1.ebuild:
383     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
384     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
385 pappy 1.125
386     *hardened-sources-2.4.33.4 (17 Dec 2006)
387    
388     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
389     +hardened-sources-2.4.33.4.ebuild:
390     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
391     and quilting
392 phreak 1.124
393     *hardened-sources-2.6.19-r1 (14 Dec 2006)
394    
395     14 Dec 2006; Christian Heim <phreak@gentoo.org>
396     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
397     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
398     for reporting).
399 phreak 1.123
400     *hardened-sources-2.6.19 (13 Dec 2006)
401    
402     13 Dec 2006; Christian Heim <phreak@gentoo.org>
403     +hardened-sources-2.6.19.ebuild:
404     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
405     Brad for providing that prompt update.
406 phreak 1.122
407     *hardened-sources-2.6.18-r3 (13 Dec 2006)
408    
409     13 Dec 2006; Christian Heim <phreak@gentoo.org>
410     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
411     +hardened-sources-2.6.18-r3.ebuild:
412     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
413     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
414 phreak 1.121
415     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
416     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
417 nixnut 1.120
418     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
419     Stable on ppc wrt bug 157356
420 opfer 1.119
421     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
422     hardened-sources-2.6.18.ebuild:
423     stable x86, bug #157356
424 phreak 1.118
425     *hardened-sources-2.6.18-r2 (06 Dec 2006)
426    
427     06 Dec 2006; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.18-r2.ebuild:
429     Revision bump, including 2.6.18.5 (via genpatches) and
430     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
431     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
432     redesign.
433 phreak 1.117
434     06 Dec 2006; Christian Heim <phreak@gentoo.org>
435     hardened-sources-2.6.18.ebuild:
436     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
437     of Mike Doty).
438 phreak 1.116
439     *hardened-sources-2.6.18-r1 (23 Nov 2006)
440    
441     23 Nov 2006; Christian Heim <phreak@gentoo.org>
442     +hardened-sources-2.6.18-r1.ebuild:
443     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
444 phreak 1.115
445     *hardened-sources-2.6.18 (11 Nov 2006)
446    
447     11 Nov 2006; Christian Heim <phreak@gentoo.org>
448     +hardened-sources-2.6.18.ebuild:
449     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
450 solar 1.114
451     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
452     - mark amd64 stable also. bug #151877
453 solar 1.113
454     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
455     - mark 2.6.17-r1 stable
456 phreak 1.112
457     27 Aug 2006; Christian Heim <phreak@gentoo.org>
458     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
459     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
460 phreak 1.111
461     *hardened-sources-2.6.17-r1 (26 Aug 2006)
462    
463     26 Aug 2006; Christian Heim <phreak@gentoo.org>
464     +hardened-sources-2.6.17-r1.ebuild:
465     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
466     grsecurity patch.
467 phreak 1.110
468     *hardened-sources-2.6.17 (17 Aug 2006)
469    
470     17 Aug 2006; Christian Heim <phreak@gentoo.org>
471     +hardened-sources-2.6.17.ebuild:
472     Bumping the hardened-sources-2.6 series to 2.6.17, using
473     genpatches-2.6.17-6.base.
474 solar 1.109
475     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
476     - stable on x86 and amd64
477 solar 1.108
478     *hardened-sources-2.6.16-r11 (15 Jul 2006)
479    
480     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
481     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
482     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
483     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
484     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
485     crusty ebuilds
486 johnm 1.107
487     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
488     hardened-sources-2.6.16-r10.ebuild:
489     marking stable on x86 and amd64
490 solar 1.106
491     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
492     - 2.4.32-r6 stable on x86. RSBAC state unknown
493 kang 1.105
494     *hardened-sources-2.4.32-r7 (10 Jul 2006)
495    
496     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
497     +hardened-sources-2.4.32-r7.ebuild:
498     Bump PaX for RSBAC to test-17
499 johnm 1.104
500     *hardened-sources-2.6.16-r9 (03 Jul 2006)
501    
502     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
503     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
504     hardened-sources-2.6.16 bump to latest -base.
505 solar 1.103
506     *hardened-sources-2.4.32-r6 (30 Jun 2006)
507    
508     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
509     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
510     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
511     sysctl controlable resource logging
512 johnm 1.102
513     *hardened-sources-2.6.16-r7 (05 Jun 2006)
514    
515     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
516     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
517     push new 2.6.16 release in preparation for stable
518 solar 1.101
519     22 May 2006; <solar@gentoo.org> :
520     - redigest bug 134002
521 kang 1.100
522     *hardened-sources-2.4.32-r5 (16 May 2006)
523    
524     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
525     +hardened-sources-2.4.32-r5.ebuild:
526     Fixes rsbac common patching (new patch in new -r5 patchset)
527 solar 1.99
528     *hardened-sources-2.4.32-r4 (13 May 2006)
529    
530     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
531     +hardened-sources-2.4.32-r4.ebuild:
532     - security bumps
533 johnm 1.98
534     *hardened-sources-2.6.16-r6 (03 May 2006)
535    
536     03 May 2006; John Mylchreest <johnm@gentoo.org>
537     +hardened-sources-2.6.16-r6.ebuild:
538     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
539 johnm 1.97
540     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
541     hardened-sources-2.6.14-r8.ebuild:
542     fix x86_64 build problem, this will delay the digest issue again for a short
543     while but it will sort itself out
544 johnm 1.96
545     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
546     hardened-sources-2.6.14-r8.ebuild:
547     bump hardened patchset
548 antarus 1.94
549     27 Apr 2006; Alec Warner <antarus@gentoo.org>
550     files/digest-hardened-sources-2.4.32-r2,
551     files/digest-hardened-sources-2.4.32-r3,
552     files/digest-hardened-sources-2.6.14-r8, Manifest:
553     Fixing duff SHA256 digests: Bug # 131293
554 johnm 1.93
555 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
556    
557     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
558     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
559     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
560     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
561     cleanup of old uneccessary sources
562    
563 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
564     fix digest
565 johnm 1.92
566     *hardened-sources-2.6.14-r8 (20 Apr 2006)
567    
568     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
569     +hardened-sources-2.6.14-r8.ebuild:
570     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
571 johnm 1.91
572     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
573     Turning on gpg-signing again, and recomitting
574 johnm 1.90
575     *hardened-sources-2.6.16-r4 (20 Apr 2006)
576    
577     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
578     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
579     +hardened-sources-2.6.16-r4.ebuild:
580     Fix numerous security vulns
581 solar 1.89
582     *hardened-sources-2.4.32-r3 (16 Apr 2006)
583    
584     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
585     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
586     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
587     - security bump for bug #112791. Removed old ebuilds
588 johnm 1.88
589     *hardened-sources-2.6.16-r3 (15 Apr 2006)
590    
591     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
592     +hardened-sources-2.6.16-r3.ebuild:
593     Removing silly localversion which I missed
594 johnm 1.87
595     *hardened-sources-2.6.14-r7 (14 Apr 2006)
596    
597     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
598     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
599     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
600 johnm 1.86
601     *hardened-sources-2.6.16-r2 (13 Apr 2006)
602    
603     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
604     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
605     +hardened-sources-2.6.16-r2.ebuild:
606     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
607     labels, dropping USERGROUP define fixes, since these were merged mainstream.
608 johnm 1.85
609     *hardened-sources-2.6.16-r1 (11 Apr 2006)
610    
611     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
612     +hardened-sources-2.6.16-r1.ebuild:
613     Bumping to include ppc build fix and 2.6.16.3
614 tsunam 1.84
615     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
616     hardened-sources-2.6.14-r6.ebuild:
617     Stable on x86; bug #127718
618 johnm 1.83
619     *hardened-sources-2.6.16 (31 Mar 2006)
620    
621     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
622     +hardened-sources-2.6.16.ebuild:
623     Bumping to new version of grsec, and kernel base. New squashfs. Based on
624     2.6.16.1
625 cryos 1.82
626     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
627     hardened-sources-2.6.14-r6.ebuild:
628     Stable on amd64, bug 127718.
629 nixnut 1.81
630     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
631     Stable on ppc. Bug #127718
632 johnm 1.80
633     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
634     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
635     -hardened-sources-2.6.14-r4.ebuild:
636     Cleanup.
637 johnm 1.79
638     *hardened-sources-2.6.14-r6 (15 Mar 2006)
639    
640     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
641     +hardened-sources-2.6.14-r6.ebuild:
642     Fixes grsec policy recreation bug and adds a
643     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
644 solar 1.78
645     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
646     - stable on x86
647 hansmi 1.77
648     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
649     hardened-sources-2.6.14-r5.ebuild:
650     Stable on ppc.
651 johnm 1.76
652     *hardened-sources-2.6.14-r5 (01 Feb 2006)
653    
654     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
655     +hardened-sources-2.6.14-r5.ebuild:
656     fixing every known exploit
657 solar 1.75
658     *hardened-sources-2.4.32-r2 (26 Jan 2006)
659    
660     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
661     +hardened-sources-2.4.32-r2.ebuild:
662     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
663 solar 1.74
664     *hardened-sources-2.6.14-r4 (12 Jan 2006)
665    
666     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
667     - version bump for new genpatches which fix up a few sec holes
668 solar 1.73
669     *hardened-sources-2.4.32-r1 (05 Jan 2006)
670    
671     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
672     - revision bump to add misc vital linux kernel security patches.
673 johnm 1.72
674     *hardened-sources-2.6.14-r3 (30 Dec 2005)
675    
676     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
677     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
678     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
679 johnm 1.71
680     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
681     hardened-sources-2.6.14-r2.ebuild:
682     making x86 & amd64 stable following testing.
683 johnm 1.70
684     *hardened-sources-2.6.14-r2 (27 Dec 2005)
685    
686     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
687     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
688     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
689     network hooks.
690 johnm 1.69
691     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
692     hardened-sources-2.6.14-r1.ebuild:
693     bumping to stable early for sec fix on x86 & amd64
694 johnm 1.68
695     *hardened-sources-2.6.14-r1 (05 Dec 2005)
696    
697     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
698     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
699     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
700 solar 1.67
701     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
702     - stable on x86 security bug #114227 CAN-2005-3257
703 kang 1.66
704     *hardened-sources-2.4.32 (19 Nov 2005)
705    
706     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
707     +hardened-sources-2.4.32.ebuild:
708     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
709     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
710     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
711     rsbac >> /etc/portage/package.use)
712 johnm 1.65
713     *hardened-sources-2.6.14 (14 Nov 2005)
714    
715     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
716     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
717     Bumping 2.6 series to 2.6.14.2
718 johnm 1.64
719     *hardened-sources-2.6.13-r2 (20 Oct 2005)
720    
721     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
722     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
723     +hardened-sources-2.6.13-r2.ebuild:
724     Fixes minor build error in ppc.
725 johnm 1.63
726     *hardened-sources-2.6.13-r1 (17 Oct 2005)
727    
728     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
729     +hardened-sources-2.6.13-r1.ebuild:
730     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
731     2.6.13.4, fixes some major amd64 stability problems.
732 johnm 1.62
733     *hardened-sources-2.6.13 (16 Sep 2005)
734    
735     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
736     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
737     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
738     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
739     users should test this thoroughly.
740 solar 1.61
741     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
742     - stable on x86
743 johnm 1.60
744     *hardened-sources-2.6.11-r15 (27 Jun 2005)
745    
746     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
747     +hardened-sources-2.6.11-r15.ebuild:
748     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
749     grsec redefining curr_ip struct.
750 solar 1.59
751     *hardened-sources-2.4.31 (20 Jun 2005)
752    
753     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
754     initial import of 2.4.31 tree
755 johnm 1.58
756     *hardened-sources-2.6.11-r14 (14 Jun 2005)
757    
758     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
759     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
760     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
761     naming scheme to abide by genpatches
762 johnm 1.57
763     *hardened-sources-2.6.11-r13 (18 May 2005)
764    
765     18 May 2005; John Mylchreest <johnm@gentoo.org>
766     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
767     Managed to mangle the Makefile patch from grsec, to miss out the grsec
768     target. sorry about that. Fixes bug #93022
769 johnm 1.56
770     *hardened-sources-2.6.11-r12 (17 May 2005)
771    
772     17 May 2005; John Mylchreest <johnm@gentoo.org>
773     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
774     +hardened-sources-2.6.11-r12.ebuild:
775     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
776     merges in genpatches-base
777 johnm 1.55
778     *hardened-sources-2.6.11-r12 (17 May 2005)
779    
780     17 May 2005; John Mylchreest <johnm@gentoo.org>
781     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
782     +hardened-sources-2.6.11-r12.ebuild:
783     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
784     merges in genpatches-base
785 solar 1.54
786     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
787     -files/2.4.27-cmdline-race.patch,
788     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
789     -files/2.4.28-grsec-binfmt_a.out.patch,
790     -files/2.4.28-grsec-cmdline-race.patch,
791     -files/2.4.28-selinux-binfmt_a.out.patch,
792     -files/2.4.28-selinux-cmdline-race.patch,
793     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
794     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
795     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
796     cleanup..
797 solar 1.53
798     *hardened-sources-2.4.30-r1 (21 Apr 2005)
799    
800     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
801     - disable aout by default
802 solar 1.52
803     *hardened-sources-2.4.30 (18 Apr 2005)
804    
805     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
806     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
807     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
808     use
809 tocharian 1.50
810 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
811    
812     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
813     +hardened-sources-2.4.29.ebuild:
814     New hardened-patches-2.4-29.0 patchball.
815     Removed SELinux support, upgraded GRSecurity to 2.1.4.
816    
817     *hardened-sources-2.4.28-r5 (06 Mar 2005)
818    
819     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
820     +hardened-sources-2.4.28-r5.ebuild:
821     Added a fix for a PaX vulnerability.
822    
823     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
824 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
825     Stable on x86
826 solar 1.49
827     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
828     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
829     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
830     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
831     - fixed/added RDEPEND= in all kernel-2 ebuilds
832 tocharian 1.48
833     *hardened-sources-2.4.28-r4 (21 Jan 2005)
834    
835     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
836     +hardened-sources-2.4.28-r4.ebuild:
837     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
838     backport of neighbour hash updates.
839 tocharian 1.47
840     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
841     hardened-sources-2.4.28-r3.ebuild:
842     Stable on x86
843 tseng 1.46
844     *hardened-sources-2.6.10-r3 (20 Jan 2005)
845    
846     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
847     +hardened-sources-2.6.10-r3.ebuild:
848     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
849     in 2005.0
850 tocharian 1.45
851     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
852     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
853     hardened-sources-2.4.28-r2.ebuild:
854     Mark stable on x86
855 tocharian 1.44
856     *hardened-sources-2.4.28-r3 (17 Jan 2005)
857    
858     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
859     +hardened-sources-2.4.28-r3.ebuild:
860     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
861 tocharian 1.43
862     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
863     hardened-sources-2.4.28.ebuild:
864     Mark stable on x86.
865 tocharian 1.42
866     *hardened-sources-2.4.28-r2 (13 Jan 2005)
867    
868     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
869     +hardened-sources-2.4.28-r2.ebuild:
870     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
871     Mazinger for grsecurity patches as well.
872 plasmaroo 1.41
873     *hardened-sources-2.4.28-r1 (23 Dec 2004)
874    
875     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
876     Security bump. Thank tocharian for rolling a new patchset...
877 solar 1.40
878     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
879     +files/2.4.28-grsec-cmdline-race.patch,
880     +files/2.4.28-selinux-binfmt_a.out.patch,
881     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
882     - Round up remaining security patches that appear to be missing in 2.4.28. -
883     PaX standalone updated to current. hgpv=28.1
884 solar 1.39
885     *hardened-sources-2.4.28 (28 Nov 2004)
886    
887     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
888     security bump. Thank tocharian for rolling a new patchset
889 scox 1.31
890 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
891    
892     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
893     +hardened-sources-2.4.27-r3.ebuild:
894     Applies the new 2.4-27.2 patchball which updates
895     GRSecurity to the 2.0.1 version.
896    
897 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
898    
899     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
900     +hardened-sources-2.4.27-r2.ebuild:
901     Version bump.
902     This version uses the new 2.4-27.1 patchball which updates
903     both the SELinux PaX hooks patch and the SELinux headers.
904    
905 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
906    
907     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
908     +hardened-sources-2.4.27-r1.ebuild,
909     -hardened-sources-2.4.27.ebuild,
910     +files/2.4.27-cmdline-race.patch:
911     Version bump, fix for cmdline race. See bug #59905.
912    
913     *hardened-sources-2.4.26-r6 (09 Aug 2004)
914    
915     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
916     +hardened-sources-2.4.26-r6.ebuild,
917     -hardened-sources-2.4.26-r5.ebuild,
918     -hardened-sources-2.4.26-r4.ebuild,
919     +files/2.4.26-cmdline-race.patch:
920     Version bump, fix for cmdline race. See bug #59905.
921    
922 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
923    
924     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
925     +hardened-sources-2.4.27.ebuild,
926     +files/2.4.27-CAN-2004-0394.patch:
927     Ported the patchball to the 2.4.27 kernel version.
928    
929 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
930    
931     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
932     +hardened-sources-2.4.26-r5.ebuild:
933 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
934 scox 1.34 It adds the following features:
935     - Squashfs
936     - Ebtables
937     - Netdev random (core+drivers)
938     - Watchdog Timer (WDT) fix.
939    
940 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
941    
942     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
943     +hardened-sources-2.4.26-r4.ebuild,
944     +files/2.4.26-CAN-2004-0415.patch,
945     -hardened-sources-2.4.26-3:
946     Version bump, fix for CAN 0415, see bug #59378.
947    
948 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
949    
950     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
951     +hardened-sources-2.4.26-r3.ebuild,
952     +files/2.4.26-CAN-2004-0497.patch,
953     -hardened-sources-2.4.26-r2.ebuild:
954     Version bump, fixed CAN 0497, see bug #56171.
955    
956 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
957    
958     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
959 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
960 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
961     +files/2.4.26-CAN-2004-0535.patch,
962     -hardened-sources-2.4.26-r1.ebuild:
963     Fixes for both CAN 0495 and 0535, see bug #54976
964 pvdabeel 1.27
965 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
966     hardened-sources-2.4.26-r1.ebuild:
967     QA - fix use invocation
968 scox 1.28
969     *hardened-sources-2.4.26-r1 (22 June 2004)
970    
971     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
972     +hardened-sources-2.4.26-r1.ebuild,
973     +files/2.4.26-CAN-2004-0394.patch,
974     +files/2.4.26-signal-race.patch,
975     -hardened-sources-2.4.26.ebuild,
976     -hardened-sources-2.4.24-r3.ebuild:
977     Version bump for the CAN-2004-0394 issue and bug #53804
978     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
979    
980    
981 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
982     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
983     Masked hardened-sources-2.4.26.ebuild broken for ppc
984    
985     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
986     hardened-sources-2.4.24-r3.ebuild:
987     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
988 plasmaroo 1.25
989 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
990    
991     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
992     +hardened-sources-2.4.26.ebuild:
993     Updated hardened-sources for the 2.4.26 kernel
994     Removed broken components, updated almost everything.
995    
996 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
997    
998     17 Apr 2004; <plasmaroo@gentoo.org>
999     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1000     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1001     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1002     +hardened-sources-2.4.24-r3.ebuild:
1003     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1004     vulnerabilities. Old revisions removed.
1005 plasmaroo 1.24
1006     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1007    
1008     15 Apr 2004; <plasmaroo@gentoo.org>
1009     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1010     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1011     Version bump for the CAN-2004-0109 issue; bug #47881.
1012 aliz 1.23
1013     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1014     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1015     Add eutils to inherit.
1016 plasmaroo 1.22
1017     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1018    
1019     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1020     files/hardened-sources-2.4.24.munmap.patch:
1021     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1022 scox 1.19
1023 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1024 scox 1.26
1025 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1026     hardened-sources-2.4.24.ebuild:
1027     Version bump, updated most of the components.
1028     This release includes the following:
1029    
1030     - Hardened security
1031     - Netfilter patch-o-matic 20031219
1032     - FreeSWAN 2.04 & x509 1.4.8
1033     - EVMS 2.2.2
1034     - XFS 1.3.1
1035     - cryptoloop jari
1036     - grsecurity 2.0-rc4
1037     - SELinux
1038     - PaX 200402060000
1039     - PaX Obscurity 200308302223
1040     - Others...
1041    
1042     Neither -ck nor systrace are included anymore.
1043    
1044 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1045    
1046     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1047     hardened-sources-2.4.22-r2.ebuild:
1048 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1049 scox 1.19
1050     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1051 iggy 1.17
1052     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1053 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1054 iggy 1.16
1055     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1056 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1057     Version bump for the 'do_brk' vulnerability.
1058 iggy 1.15
1059     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1060     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1061     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1062     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1063 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1064 frogger 1.14
1065     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1066     hardened-sources-2.4.22.ebuild:
1067 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1068     components. These are no longer handled in the kernel
1069     so this code was not necessary.
1070 frogger 1.13
1071     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1072     New 2.4.22 based hardened-sources thanks to
1073     Phil West <p.west@computer.org>.
1074    
1075     These sources include:
1076 plasmaroo 1.18 - New SELinux API
1077     - Updated CK-base
1078     - Updated GRSec
1079     - Systrace
1080     - SuperFreeS/WAN 1.99.8
1081     - Propolice kernel build support
1082     - EVMS
1083     - Other various security related patches
1084 frogger 1.11
1085 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1086    
1087     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1088     Updated hardened-sources based on the 2.4.21 Linux kernel.
1089     This includes updates to most major components such as:
1090 plasmaroo 1.18 - ck-base-0306300059
1091     - selinux-2.4-2003071106
1092     - grsecurity-2.0-rc1
1093     - Updated IPTables patch-o-matic
1094     - Updated SuperFreeS/WAN
1095    
1096 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1097     updated patch set ready for the 2.4.21 based kernel.
1098    
1099 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1100     Initial import of hardened-sources-2.4.20-r4. This revision
1101     includes only a few changes, but one of these is an important
1102     security fix. It is recommended all users of hardened-sources
1103     upgrade to this release.
1104 plasmaroo 1.18
1105 frogger 1.11 - ioperm bug fix
1106     - fixed compilation failure when building without GRSec
1107 plasmaroo 1.18
1108 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1109     due to time constraints, but is planned for inclusion in the near
1110     future.
1111 msterret 1.10
1112     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1113    
1114     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1115     hardened-sources-2.4.20-r3.ebuild:
1116 plasmaroo 1.18 Add Header...
1117 frogger 1.9
1118     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1119     hardened-sources-2.4.20-r3.ebuild:
1120     Removed warnings from ebuild. This kernel should be safe to
1121     use at this point.
1122 frogger 1.8
1123     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1124    
1125     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1126     hardened-sources-2.4.20-r3.ebuild:
1127     New revision. Includes the following changes over -r2:
1128 plasmaroo 1.18
1129 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1130     - Super FreeS/WAN 1.99.7rc2
1131     - PaX for the LSM/SELinux branch
1132     - GRSecurity 2.0-pre4 (role based access control)
1133     - Systrace 1.3
1134     - EXT3 fixes
1135     - EVMS 2.0.1
1136     - GCC 3.1+ compile optimizations
1137     - ProPolice kernel build support
1138     - Hashing table security fixes
1139 frogger 1.3
1140     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1141 frogger 1.7
1142     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1143     Initial import of hardened-sources-r2. This new
1144     ebuild includes many new performance and security
1145     related patches. As in -r1, it will patch in
1146     LSM/SELinux if "selinux" is in USE, otherwise it
1147     will patch in GRSecurity. The following patches
1148     are included in this revision:
1149 plasmaroo 1.18
1150 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1151     (pulled from the base CK patch)
1152     - ptrace exploit patch for the LSM kernel
1153     (the GRSec patch already fixes this)
1154     - LSM 2.4-2003040709
1155     - SELinux 2.4-2003040709
1156     - Systrace v1.2
1157     - IPTables patch-o-matic base patches - 20030107
1158     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1159     - Super FreeS/WAN 1.99.6.1
1160     - GRSecurity 1.9.9g
1161     - MPPE
1162     - EXT3 data journal fix
1163     - CIPE 1.5.4
1164 frogger 1.6
1165     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1166     hardened-sources-2.4.20-r1.ebuild, manifest:
1167 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1168 frogger 1.5
1169     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1170     hardened-sources-2.4.20-r1.ebuild:
1171     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1172     is patched in instead. Ptrace patches for selinux have also been added. In
1173     either case, systrace support will be patched in as well.
1174 frogger 1.3
1175     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1176     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1177 plasmaroo 1.18 Revision bump for new sources.
1178 frogger 1.4
1179 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1180 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1181 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1182 method 1.1
1183 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1184    
1185 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1186     hardened-sources-2.4.20.ebuild:
1187 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20