/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.233 - (hide annotations) (download)
Mon Aug 18 01:39:02 2008 UTC (6 years, 8 months ago) by solar
Branch: MAIN
Changes since 1.232: +10 -1 lines
- proxy commit for gengor
2.6.26: Initial 2.6.26 release.
2.6.25-r4: Update to Linux 2.6.25.15.  Fixes security bugs #234799, #234803 and #234812.
2.6.25-r2: Removed.
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 solar 1.233 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.232 2008/08/16 17:47:32 tove Exp $
4    
5     *hardened-sources-2.6.26 (18 Aug 2008)
6     *hardened-sources-2.6.25-r4 (18 Aug 2008)
7    
8     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
9     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
10     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
11     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
12     2.6.25-r2: Removed.
13 tove 1.232
14     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
15     Remove phreak from metadata.xml (#96398)
16 solar 1.231
17     *hardened-sources-2.6.25-r3 (31 Jul 2008)
18    
19     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
20     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
21     +hardened-sources-2.6.25-r3.ebuild:
22     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
23     fixes, including security bug #231750.
24 nixnut 1.230
25     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
26     Stable on ppc
27 solar 1.229
28     *hardened-sources-2.6.25-r2 (05 Jul 2008)
29    
30     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
31     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
32     +hardened-sources-2.6.25-r2.ebuild:
33     2.6.23-r4: Stable x86/amd64
34     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
35     2.6.23-r{11,12}: Removed due to multiple vulns.
36     (gengor & kerframil)
37 nixnut 1.228
38     04 Jul 2008; nixnut <nixnut@gentoo.org>
39     hardened-sources-2.6.23-r13.ebuild:
40     Stable on ppc
41 solar 1.227
42     *hardened-sources-2.6.25-r1 (30 Jun 2008)
43    
44     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
45     +hardened-sources-2.6.25-r1.ebuild:
46     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
47     grsecurity release. 2.6.23-r13: x86/amd64 stable
48 solar 1.226
49     *hardened-sources-2.6.25 (17 Jun 2008)
50     *hardened-sources-2.6.24-r3 (17 Jun 2008)
51     *hardened-sources-2.6.23-r13 (17 Jun 2008)
52    
53     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
54     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
55     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
56     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
57     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
58     2.6.25: Initial 2.6.25 release.
59 solar 1.225
60     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
61     - fasttrack to stable x86/amd64
62 swegener 1.224
63     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
64     Fix broken digest for linux-2.6.24.tar.bz2.
65 solar 1.223
66     *hardened-sources-2.6.24-r2 (11 May 2008)
67     *hardened-sources-2.6.23-r12 (11 May 2008)
68    
69     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
70     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
71     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
72     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
73     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
74     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
75     security bugs 219901, 220691, 220975, 220979, 221123. New
76     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
77     should be removed as far as I'm concerned, everything else remove due to
78     vulnerable to numerous security bugs or brokeness.
79 nixnut 1.222
80     10 May 2008; nixnut <nixnut@gentoo.org>
81     hardened-sources-2.6.23-r11.ebuild:
82     Stable on ppc
83 solar 1.221
84     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
85     - -r11 stable on x86/amd64
86 solar 1.220
87     *hardened-sources-2.6.23-r11 (01 May 2008)
88    
89     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
90     - version bump to fix ulgy linux bugs
91 phreak 1.219
92     *hardened-sources-2.6.24-r1 (30 Apr 2008)
93    
94     30 Apr 2008; Christian Heim <phreak@gentoo.org>
95     +hardened-sources-2.6.24-r1.ebuild:
96     Revision bump (thanks to Kerin and Gordon, again), pulling
97     genpatches-2.6.24-7, solving #219089. Additionally contains further security
98     fixes plus some minor updates.
99 phreak 1.218
100     *hardened-sources-2.6.23-r10 (30 Apr 2008)
101    
102     30 Apr 2008; Christian Heim <phreak@gentoo.org>
103     +hardened-sources-2.6.23-r10.ebuild:
104     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
105     Additional contains "various other fixes".
106 phreak 1.217
107     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
108     Update the longdescription in metadata, thanks to Gordon Malm.
109 nixnut 1.216
110     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
111     Stable on ppc wrt bug #213255
112 solar 1.215
113     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
114     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
115     - stable on x86/amd64 per request. Removed obsolete ebuilds
116 phreak 1.214
117     *hardened-sources-2.6.24 (07 Apr 2008)
118    
119     07 Apr 2008; Christian Heim <phreak@gentoo.org>
120     +hardened-sources-2.6.24.ebuild:
121     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
122     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
123     for the many contributions and their continued effort in #216612) based on
124     2.6.24 and genpatches-2.6.24-5.
125    
126     The current ebuild/patchset contains these things:
127     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
128     * Introduces bespoke server and workstation oriented security levels
129     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
130 phreak 1.213
131     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
132     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
133     maintaining it).
134 phreak 1.212
135     24 Mar 2008; Christian Heim <phreak@gentoo.org>
136     hardened-sources-2.4.35-r2.ebuild:
137     Fixing SRC_URI for 2.4.35-r2.
138 phreak 1.211
139     *hardened-sources-2.6.23-r9 (22 Mar 2008)
140    
141     22 Mar 2008; Christian Heim <phreak@gentoo.org>
142     +hardened-sources-2.6.23-r9.ebuild:
143     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
144     * Change the default GIDs for some grsecurity options
145     * Revamp the Hardened [Gentoo] security level and make it the default level
146     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
147     * Fix a recursive lock -- call to capable() within ptrace_attach()
148     * Fix bug that allows audit and iscsi operations to be controlled via netlink
149 solar 1.210
150     *hardened-sources-2.6.23-r8 (27 Feb 2008)
151    
152     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
153     - version bump from Kerin Millar bug 210026
154 solar 1.209
155     17 Feb 2008; <solar@gentoo.org> metadata.xml,
156     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
157     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
158     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
159     - stable on x86 and remove old ebuilds
160 solar 1.207
161     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
162 solar 1.208 - stable on amd64 per request of amd64 lead
163 solar 1.206
164     *hardened-sources-2.6.23-r7 (11 Feb 2008)
165    
166     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
167     - version bump from kerin.millar
168     Changes:
169    
170     * Bump to genpatches-base-2.6.23-9
171     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
172     * Disables COMPAT_VDSO in x86/defconfig
173     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
174 phreak 1.205
175     25 Jan 2008; Christian Heim <phreak@gentoo.org>
176     -hardened-sources-2.6.22-r8.ebuild:
177     Cleaning up old versions.
178 phreak 1.204
179     *hardened-sources-2.6.23-r6 (25 Jan 2008)
180    
181     25 Jan 2008; Christian Heim <phreak@gentoo.org>
182     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
183     Revision bump, pulling in the latest genpatches.
184 phreak 1.203
185     *hardened-sources-2.6.23-r5 (24 Dec 2007)
186    
187     24 Dec 2007; Christian Heim <phreak@gentoo.org>
188     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
189     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
190     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
191     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
192 phreak 1.202
193     24 Dec 2007; Christian Heim <phreak@gentoo.org>
194     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
195     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
196     -hardened-sources-2.6.23-r3.ebuild:
197     Cleaning out some unused, old versions.
198 phreak 1.201
199     24 Dec 2007; Christian Heim <phreak@gentoo.org>
200     hardened-sources-2.6.23-r4.ebuild:
201     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
202     in the tree for long, but there isn't much of a difference between this and
203     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
204 phreak 1.200
205     *hardened-sources-2.6.23-r4 (23 Dec 2007)
206    
207     23 Dec 2007; Christian Heim <phreak@gentoo.org>
208     +hardened-sources-2.6.23-r4.ebuild:
209     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
210 phreak 1.199
211     *hardened-sources-2.6.23-r3 (04 Dec 2007)
212    
213     04 Dec 2007; Christian Heim <phreak@gentoo.org>
214     +hardened-sources-2.6.23-r3.ebuild:
215     Revision bump, pulling in 2.6.23.9.
216 phreak 1.198
217     *hardened-sources-2.6.23-r2 (25 Nov 2007)
218    
219     25 Nov 2007; Christian Heim <phreak@gentoo.org>
220     +hardened-sources-2.6.23-r2.ebuild:
221     Updated patchset, thanks to solar.
222 phreak 1.197
223     *hardened-sources-2.6.23-r1 (31 Oct 2007)
224    
225     31 Oct 2007; Christian Heim <phreak@gentoo.org>
226     +hardened-sources-2.6.23-r1.ebuild:
227     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
228 solar 1.196
229     29 Oct 2007; <solar@gentoo.org> metadata.xml:
230     - update metadata.xml
231 phreak 1.195
232     25 Oct 2007; Christian Heim <phreak@gentoo.org>
233     hardened-sources-2.6.22-r8.ebuild:
234     Marking 2.6.22-r8 stable on amd64 and x86.
235 phreak 1.194
236     21 Oct 2007; Christian Heim <phreak@gentoo.org>
237     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
238     -hardened-sources-2.6.21-r4.ebuild:
239     Removing old ebuilds.
240 phreak 1.193
241     *hardened-sources-2.4.35-r2 (21 Oct 2007)
242    
243     21 Oct 2007; Christian Heim <phreak@gentoo.org>
244     +hardened-sources-2.4.35-r2.ebuild:
245     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
246     patches.
247 phreak 1.192
248     *hardened-sources-2.6.22-r8 (21 Oct 2007)
249    
250     21 Oct 2007; Christian Heim <phreak@gentoo.org>
251     +hardened-sources-2.6.22-r8.ebuild:
252     Yet another new patch, hopefully fixing the remaining issues we had w/
253     2.6.22. Candidate for stabling.
254 phreak 1.191
255     *hardened-sources-2.6.23 (13 Oct 2007)
256    
257     13 Oct 2007; Christian Heim <phreak@gentoo.org>
258     +hardened-sources-2.6.23.ebuild:
259     Initial hardened-sources-2.6.23. If people still have problems w/ bug
260     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
261 phreak 1.190
262     11 Oct 2007; Christian Heim <phreak@gentoo.org>
263     hardened-sources-2.6.20-r10.ebuild:
264     Pulling in yet another new genpatches version, fixing the PWC bug for real.
265 phreak 1.189
266     04 Oct 2007; Christian Heim <phreak@gentoo.org>
267     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
268     Removing old versions.
269 phreak 1.188
270     *hardened-sources-2.6.22-r7 (01 Oct 2007)
271    
272     01 Oct 2007; Christian Heim <phreak@gentoo.org>
273     +hardened-sources-2.6.22-r7.ebuild:
274     Revision bump, pulling in a newer patch. Should fix #194276.
275 phreak 1.187
276     30 Sep 2007; Christian Heim <phreak@gentoo.org>
277     hardened-sources-2.6.20-r10.ebuild:
278     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
279     Mike Doty).
280 phreak 1.186
281     *hardened-sources-2.6.22-r6 (26 Sep 2007)
282    
283     26 Sep 2007; Christian Heim <phreak@gentoo.org>
284     +hardened-sources-2.6.22-r6.ebuild:
285     Revision bump, grabbing up till Linux 2.6.22.9.
286 phreak 1.185
287     24 Sep 2007; Christian Heim <phreak@gentoo.org>
288     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
289     Cleaning up further.
290 phreak 1.184
291     *hardened-sources-2.6.20-r10 (24 Sep 2007)
292    
293     24 Sep 2007; Christian Heim <phreak@gentoo.org>
294     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
295     +hardened-sources-2.6.20-r10.ebuild:
296     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
297     revisions.
298 phreak 1.183
299     *hardened-sources-2.6.22-r5 (22 Sep 2007)
300    
301     22 Sep 2007; Christian Heim <phreak@gentoo.org>
302     +hardened-sources-2.6.22-r5.ebuild:
303     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
304 phreak 1.182
305     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
306     Removing johnm from metadata.xml (see #186467 for reference).
307 phreak 1.181
308     *hardened-sources-2.6.22-r4 (17 Sep 2007)
309    
310     17 Sep 2007; Christian Heim <phreak@gentoo.org>
311     +hardened-sources-2.6.22-r4.ebuild:
312     Revision bump, hopefully fixing all those weird PAX failures.
313 phreak 1.180
314     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
315     Updating the metadata.xml.
316 phreak 1.179
317     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
318     Removing tocharian from metadata due to his retirement (see #71718 for
319     reference).
320 phreak 1.178
321     *hardened-sources-2.6.20-r9 (30 Aug 2007)
322    
323     30 Aug 2007; Christian Heim <phreak@gentoo.org>
324     +hardened-sources-2.6.20-r9.ebuild:
325     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
326 phreak 1.177
327     29 Aug 2007; Christian Heim <phreak@gentoo.org>
328     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
329     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
330     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
331     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
332     -hardened-sources-2.6.22-r2.ebuild:
333     Removing some redundant versions.
334 phreak 1.176
335     *hardened-sources-2.4.35-r1 (29 Aug 2007)
336    
337     29 Aug 2007; Christian Heim <phreak@gentoo.org>
338     +hardened-sources-2.4.35-r1.ebuild:
339     Revision bump, new grsecurity patch.
340 phreak 1.175
341     *hardened-sources-2.6.20-r8 (26 Aug 2007)
342    
343     26 Aug 2007; Christian Heim <phreak@gentoo.org>
344     +hardened-sources-2.6.20-r8.ebuild:
345     Revision bump for Linux 2.6.20.17.
346 phreak 1.174
347     *hardened-sources-2.6.22-r3 (22 Aug 2007)
348    
349     22 Aug 2007; Christian Heim <phreak@gentoo.org>
350     +hardened-sources-2.6.22-r3.ebuild:
351     Revision bump for Linux 2.6.22.4.
352 phreak 1.173
353     16 Aug 2007; Christian Heim <phreak@gentoo.org>
354     hardened-sources-2.6.22-r2.ebuild:
355     Updated patchset, to fix the alignment against 2.6.22.3.
356 phreak 1.172
357     *hardened-sources-2.6.22-r2 (16 Aug 2007)
358    
359     16 Aug 2007; Christian Heim <phreak@gentoo.org>
360     +hardened-sources-2.6.22-r2.ebuild:
361     Revision bump for Linux 2.6.22.3.
362 phreak 1.171
363     *hardened-sources-2.4.35 (16 Aug 2007)
364    
365     16 Aug 2007; Christian Heim <phreak@gentoo.org>
366     +hardened-sources-2.4.35.ebuild:
367     Version bump, initial version for Linux 2.4.35.
368 phreak 1.170
369     *hardened-sources-2.6.21-r4 (16 Aug 2007)
370    
371     16 Aug 2007; Christian Heim <phreak@gentoo.org>
372     +hardened-sources-2.6.21-r4.ebuild:
373     Revision bump for Linux 2.6.21.6.
374 phreak 1.169
375     *hardened-sources-2.6.20-r7 (16 Aug 2007)
376    
377     16 Aug 2007; Christian Heim <phreak@gentoo.org>
378     +hardened-sources-2.6.20-r7.ebuild:
379     Revision bump for Linux 2.6.20.16.
380 phreak 1.168
381     *hardened-sources-2.6.22-r1 (13 Aug 2007)
382    
383     13 Aug 2007; Christian Heim <phreak@gentoo.org>
384     +hardened-sources-2.6.22-r1.ebuild:
385     Yet another revision bump.
386 phreak 1.167
387     *hardened-sources-2.6.22 (10 Aug 2007)
388    
389     10 Aug 2007; Christian Heim <phreak@gentoo.org>
390     +hardened-sources-2.6.22.ebuild:
391     Initial release for 2.6.22. If you are using hardened-sources on a desktop
392     machine (P4 or newer), be aware you might need to disable
393     CONFIG_PAX_PAGEEXEC.
394 phreak 1.166
395     04 Aug 2007; Christian Heim <phreak@gentoo.org>
396     hardened-sources-2.6.20-r6.ebuild:
397     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
398     2.6.20.15.
399 phreak 1.165
400     10 Jul 2007; Christian Heim <phreak@gentoo.org>
401     hardened-sources-2.6.20-r5.ebuild:
402     Marking hardened-sources-2.6.20-r5 stable on ppc.
403 phreak 1.164
404     10 Jul 2007; Christian Heim <phreak@gentoo.org>
405     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
406     Cleanup.
407 phreak 1.163
408     *hardened-sources-2.6.20-r6 (08 Jul 2007)
409    
410     08 Jul 2007; Christian Heim <phreak@gentoo.org>
411     +hardened-sources-2.6.20-r6.ebuild:
412     Revision bump, grabbing yet another stable release.
413 phreak 1.162
414     17 Jun 2007; Christian Heim <phreak@gentoo.org>
415     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
416     -hardened-sources-2.6.21-r2.ebuild:
417     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
418     alpha stable KEYWORD by mistake.
419 phreak 1.161
420     17 Jun 2007; Christian Heim <phreak@gentoo.org>
421     hardened-sources-2.6.20-r5.ebuild:
422     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
423     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
424 phreak 1.160
425     *hardened-sources-2.6.21-r3 (12 Jun 2007)
426    
427     12 Jun 2007; Christian Heim <phreak@gentoo.org>
428     +hardened-sources-2.6.21-r3.ebuild:
429     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
430     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
431     love.
432 phreak 1.159
433     *hardened-sources-2.6.20-r5 (11 Jun 2007)
434    
435     11 Jun 2007; Christian Heim <phreak@gentoo.org>
436     +hardened-sources-2.6.20-r5.ebuild:
437     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
438     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
439     love.
440 pappy 1.158
441     *hardened-sources-2.4.34.5 (11 Jun 2007)
442    
443     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
444     +hardened-sources-2.4.34.5.ebuild:
445     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
446 phreak 1.157
447     30 May 2007; Christian Heim <phreak@gentoo.org>
448     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
449     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
450     stale ebuild(s).
451 phreak 1.156
452     30 May 2007; Christian Heim <phreak@gentoo.org>
453     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
454     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
455     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
456     Doing some cleanups, remove stale ebuilds.
457 phreak 1.155
458     26 May 2007; Christian Heim <phreak@gentoo.org>
459     hardened-sources-2.6.21-r2.ebuild:
460     Fixing the grsecurity patch, had one '};' too much.
461 phreak 1.154
462     *hardened-sources-2.6.21-r2 (26 May 2007)
463    
464     26 May 2007; Christian Heim <phreak@gentoo.org>
465     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
466     +hardened-sources-2.6.21-r2.ebuild:
467     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
468     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
469 phreak 1.153
470     *hardened-sources-2.6.20-r4 (26 May 2007)
471    
472     26 May 2007; Christian Heim <phreak@gentoo.org>
473     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
474     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
475 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
476 phreak 1.152
477     15 May 2007; Christian Heim <phreak@gentoo.org>
478     hardened-sources-2.6.20-r3.ebuild:
479     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
480     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
481     grsecurity patch fail in that exact same hunk.
482 phreak 1.151
483     *hardened-sources-2.6.20-r3 (15 May 2007)
484    
485     15 May 2007; Christian Heim <phreak@gentoo.org>
486     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
487     Revision bump, incorporating Linux 2.6.20.11.
488    
489     *hardened-sources-2.6.21-r1 (11 May 2007)
490    
491     11 May 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.6.21-r1.ebuild:
493     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
494     mentioned in #177234.
495 kevquinn 1.150
496     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
497     files/digest-hardened-sources-2.6.21, Manifest:
498     Fix Manifest/digest for linux-2.6.21.tar.bz2
499 phreak 1.149
500     06 May 2007; Christian Heim <phreak@gentoo.org>
501     hardened-sources-2.6.21.ebuild:
502     Bumping the hardened-patches version, needed for the fix for #177234.
503 phreak 1.148
504     *hardened-sources-2.6.21 (02 May 2007)
505    
506     02 May 2007; Christian Heim <phreak@gentoo.org>
507     +hardened-sources-2.6.21.ebuild:
508     Version bump, Linux 2.6.21-hardened.
509 phreak 1.147
510     29 Apr 2007; Christian Heim <phreak@gentoo.org>
511     hardened-sources-2.6.20-r2.ebuild:
512     Adding ~ia64 on Ned's request.
513 phreak 1.146
514     29 Apr 2007; Christian Heim <phreak@gentoo.org>
515     hardened-sources-2.6.20-r2.ebuild:
516     Fixing the included grsecurity patch, wasn't alligning due to the Index:
517     header line(s).
518 phreak 1.145
519     29 Apr 2007; Christian Heim <phreak@gentoo.org>
520     hardened-sources-2.6.20-r2.ebuild:
521     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
522 armin76 1.144
523     *hardened-sources-2.6.20-r2 (10 Apr 2007)
524    
525     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
526     +hardened-sources-2.6.20-r2.ebuild:
527     Version bump, on behalf of phreak
528 phreak 1.143
529     *hardened-sources-2.6.20-r1 (04 Apr 2007)
530    
531     04 Apr 2007; Christian Heim <phreak@gentoo.org>
532     +hardened-sources-2.6.20-r1.ebuild:
533     Revision bump, grabbing a newer grsecurity snapshot.
534 phreak 1.142
535     *hardened-sources-2.6.20 (25 Mar 2007)
536    
537     25 Mar 2007; Christian Heim <phreak@gentoo.org>
538     +hardened-sources-2.6.20.ebuild:
539     Finally a hardened-sources version for 2.6.20; many people have been waiting
540     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
541     testbox.
542 chainsaw 1.141
543     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
544     hardened-sources-2.6.18-r6.ebuild:
545     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
546 phreak 1.140
547     *hardened-sources-2.6.18-r6 (16 Mar 2007)
548    
549     16 Mar 2007; Christian Heim <phreak@gentoo.org>
550     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
551     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
552     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
553     supposed to be.
554 phreak 1.139
555     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
556     Fixing the Manifest, the previous one was broken (as in still had the
557     deleted ebuild in it).
558 phreak 1.138
559     06 Mar 2007; Christian Heim <phreak@gentoo.org>
560     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
561     +hardened-sources-2.6.18-r5.ebuild:
562     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
563     Linux 2.6.18.8. Also cleaning up the older version.
564    
565     *hardened-sources-2.6.18-r5 (06 Mar 2007)
566    
567     06 Mar 2007; Christian Heim <phreak@gentoo.org>
568     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
569     +hardened-sources-2.6.18-r5.ebuild:
570     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
571     Linux 2.6.18.8. Also cleaning up the older version.
572 phreak 1.137
573     24 Feb 2007; Christian Heim <phreak@gentoo.org>
574     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
575     -hardened-sources-2.6.19-r5.ebuild:
576     Removing some of the old version, that didn't work.
577 phreak 1.136
578     *hardened-sources-2.6.19-r6 (12 Feb 2007)
579    
580     12 Feb 2007; Christian Heim <phreak@gentoo.org>
581     +hardened-sources-2.6.19-r6.ebuild:
582     Revision bump, including a new grsec version fixing #166235.
583 pappy 1.134
584     *hardened-sources-2.4.34 (24 Jan 2007)
585    
586     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
587 pappy 1.135 Manifest:
588     updating Manifest with checksums of new tarball and ebuild
589    
590     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
591 pappy 1.134 +hardened-sources-2.4.34.ebuild:
592     I added new hardened sources 2.4 update, this is a critical path
593     security bugfix - all users of h-s are strongly advised
594     to update their existing hardened sources to this version.
595     It contains a fix for a kernel vulnerability that is pertaining
596     to the PaX changes to virtual memory management, possibly leading
597     to a local kernel exploit ... see grsecurity.net forums and homepage
598 phreak 1.133
599     23 Jan 2007; Christian Heim <phreak@gentoo.org>
600     files/digest-hardened-sources-2.6.19-r5, Manifest:
601     Fixing the patch-tarball digest.
602 phreak 1.132
603     *hardened-sources-2.6.19-r5 (23 Jan 2007)
604    
605     23 Jan 2007; Christian Heim <phreak@gentoo.org>
606     +hardened-sources-2.6.19-r5.ebuild:
607     Revision bump, closing the recently discovered PaX expand_stack()
608     vulnerability.
609 phreak 1.131
610     *hardened-sources-2.6.19-r4 (14 Jan 2007)
611    
612     14 Jan 2007; Christian Heim <phreak@gentoo.org>
613     +hardened-sources-2.6.19-r4.ebuild:
614     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
615     dropping the randomized PID feature.
616 opfer 1.130
617     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
618     hardened-sources-2.4.33.4.ebuild:
619     stable x86, bug #161171
620 phreak 1.129
621     *hardened-sources-2.6.19-r3 (27 Dec 2006)
622    
623     27 Dec 2006; Christian Heim <phreak@gentoo.org>
624     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
625     Revision bump for bug #157186 and #158786.
626 phreak 1.128
627     *hardened-sources-2.6.18-r4 (27 Dec 2006)
628    
629     27 Dec 2006; Christian Heim <phreak@gentoo.org>
630     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
631     Revision bump for bug #157186.
632 phreak 1.127
633     *hardened-sources-2.6.19-r2 (23 Dec 2006)
634    
635     23 Dec 2006; Christian Heim <phreak@gentoo.org>
636     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
637     Revision bump to pull in genpatches-2.6.19-3 for #157186.
638 phreak 1.126
639     17 Dec 2006; Christian Heim <phreak@gentoo.org>
640     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
641     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
642     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
643     hardened-sources-2.6.19-r1.ebuild:
644     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
645     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
646 pappy 1.125
647     *hardened-sources-2.4.33.4 (17 Dec 2006)
648    
649     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
650     +hardened-sources-2.4.33.4.ebuild:
651     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
652     and quilting
653 phreak 1.124
654     *hardened-sources-2.6.19-r1 (14 Dec 2006)
655    
656     14 Dec 2006; Christian Heim <phreak@gentoo.org>
657     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
658     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
659     for reporting).
660 phreak 1.123
661     *hardened-sources-2.6.19 (13 Dec 2006)
662    
663     13 Dec 2006; Christian Heim <phreak@gentoo.org>
664     +hardened-sources-2.6.19.ebuild:
665     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
666     Brad for providing that prompt update.
667 phreak 1.122
668     *hardened-sources-2.6.18-r3 (13 Dec 2006)
669    
670     13 Dec 2006; Christian Heim <phreak@gentoo.org>
671     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
672     +hardened-sources-2.6.18-r3.ebuild:
673     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
674     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
675 phreak 1.121
676     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
677     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
678 nixnut 1.120
679     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
680     Stable on ppc wrt bug 157356
681 opfer 1.119
682     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
683     hardened-sources-2.6.18.ebuild:
684     stable x86, bug #157356
685 phreak 1.118
686     *hardened-sources-2.6.18-r2 (06 Dec 2006)
687    
688     06 Dec 2006; Christian Heim <phreak@gentoo.org>
689     +hardened-sources-2.6.18-r2.ebuild:
690     Revision bump, including 2.6.18.5 (via genpatches) and
691     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
692     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
693     redesign.
694 phreak 1.117
695     06 Dec 2006; Christian Heim <phreak@gentoo.org>
696     hardened-sources-2.6.18.ebuild:
697     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
698     of Mike Doty).
699 phreak 1.116
700     *hardened-sources-2.6.18-r1 (23 Nov 2006)
701    
702     23 Nov 2006; Christian Heim <phreak@gentoo.org>
703     +hardened-sources-2.6.18-r1.ebuild:
704     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
705 phreak 1.115
706     *hardened-sources-2.6.18 (11 Nov 2006)
707    
708     11 Nov 2006; Christian Heim <phreak@gentoo.org>
709     +hardened-sources-2.6.18.ebuild:
710     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
711 solar 1.114
712     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
713     - mark amd64 stable also. bug #151877
714 solar 1.113
715     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
716     - mark 2.6.17-r1 stable
717 phreak 1.112
718     27 Aug 2006; Christian Heim <phreak@gentoo.org>
719     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
720     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
721 phreak 1.111
722     *hardened-sources-2.6.17-r1 (26 Aug 2006)
723    
724     26 Aug 2006; Christian Heim <phreak@gentoo.org>
725     +hardened-sources-2.6.17-r1.ebuild:
726     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
727     grsecurity patch.
728 phreak 1.110
729     *hardened-sources-2.6.17 (17 Aug 2006)
730    
731     17 Aug 2006; Christian Heim <phreak@gentoo.org>
732     +hardened-sources-2.6.17.ebuild:
733     Bumping the hardened-sources-2.6 series to 2.6.17, using
734     genpatches-2.6.17-6.base.
735 solar 1.109
736     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
737     - stable on x86 and amd64
738 solar 1.108
739     *hardened-sources-2.6.16-r11 (15 Jul 2006)
740    
741     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
742     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
743     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
744     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
745     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
746     crusty ebuilds
747 johnm 1.107
748     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
749     hardened-sources-2.6.16-r10.ebuild:
750     marking stable on x86 and amd64
751 solar 1.106
752     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
753     - 2.4.32-r6 stable on x86. RSBAC state unknown
754 kang 1.105
755     *hardened-sources-2.4.32-r7 (10 Jul 2006)
756    
757     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
758     +hardened-sources-2.4.32-r7.ebuild:
759     Bump PaX for RSBAC to test-17
760 johnm 1.104
761     *hardened-sources-2.6.16-r9 (03 Jul 2006)
762    
763     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
764     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
765     hardened-sources-2.6.16 bump to latest -base.
766 solar 1.103
767     *hardened-sources-2.4.32-r6 (30 Jun 2006)
768    
769     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
770     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
771     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
772     sysctl controlable resource logging
773 johnm 1.102
774     *hardened-sources-2.6.16-r7 (05 Jun 2006)
775    
776     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
777     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
778     push new 2.6.16 release in preparation for stable
779 solar 1.101
780     22 May 2006; <solar@gentoo.org> :
781     - redigest bug 134002
782 kang 1.100
783     *hardened-sources-2.4.32-r5 (16 May 2006)
784    
785     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
786     +hardened-sources-2.4.32-r5.ebuild:
787     Fixes rsbac common patching (new patch in new -r5 patchset)
788 solar 1.99
789     *hardened-sources-2.4.32-r4 (13 May 2006)
790    
791     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
792     +hardened-sources-2.4.32-r4.ebuild:
793     - security bumps
794 johnm 1.98
795     *hardened-sources-2.6.16-r6 (03 May 2006)
796    
797     03 May 2006; John Mylchreest <johnm@gentoo.org>
798     +hardened-sources-2.6.16-r6.ebuild:
799     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
800 johnm 1.97
801     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
802     hardened-sources-2.6.14-r8.ebuild:
803     fix x86_64 build problem, this will delay the digest issue again for a short
804     while but it will sort itself out
805 johnm 1.96
806     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
807     hardened-sources-2.6.14-r8.ebuild:
808     bump hardened patchset
809 antarus 1.94
810     27 Apr 2006; Alec Warner <antarus@gentoo.org>
811     files/digest-hardened-sources-2.4.32-r2,
812     files/digest-hardened-sources-2.4.32-r3,
813     files/digest-hardened-sources-2.6.14-r8, Manifest:
814     Fixing duff SHA256 digests: Bug # 131293
815 johnm 1.93
816 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
817    
818     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
819     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
820     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
821     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
822     cleanup of old uneccessary sources
823    
824 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
825     fix digest
826 johnm 1.92
827     *hardened-sources-2.6.14-r8 (20 Apr 2006)
828    
829     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
830     +hardened-sources-2.6.14-r8.ebuild:
831     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
832 johnm 1.91
833     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
834     Turning on gpg-signing again, and recomitting
835 johnm 1.90
836     *hardened-sources-2.6.16-r4 (20 Apr 2006)
837    
838     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
839     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
840     +hardened-sources-2.6.16-r4.ebuild:
841     Fix numerous security vulns
842 solar 1.89
843     *hardened-sources-2.4.32-r3 (16 Apr 2006)
844    
845     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
846     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
847     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
848     - security bump for bug #112791. Removed old ebuilds
849 johnm 1.88
850     *hardened-sources-2.6.16-r3 (15 Apr 2006)
851    
852     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
853     +hardened-sources-2.6.16-r3.ebuild:
854     Removing silly localversion which I missed
855 johnm 1.87
856     *hardened-sources-2.6.14-r7 (14 Apr 2006)
857    
858     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
859     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
860     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
861 johnm 1.86
862     *hardened-sources-2.6.16-r2 (13 Apr 2006)
863    
864     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
865     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
866     +hardened-sources-2.6.16-r2.ebuild:
867     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
868     labels, dropping USERGROUP define fixes, since these were merged mainstream.
869 johnm 1.85
870     *hardened-sources-2.6.16-r1 (11 Apr 2006)
871    
872     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
873     +hardened-sources-2.6.16-r1.ebuild:
874     Bumping to include ppc build fix and 2.6.16.3
875 tsunam 1.84
876     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
877     hardened-sources-2.6.14-r6.ebuild:
878     Stable on x86; bug #127718
879 johnm 1.83
880     *hardened-sources-2.6.16 (31 Mar 2006)
881    
882     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
883     +hardened-sources-2.6.16.ebuild:
884     Bumping to new version of grsec, and kernel base. New squashfs. Based on
885     2.6.16.1
886 cryos 1.82
887     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
888     hardened-sources-2.6.14-r6.ebuild:
889     Stable on amd64, bug 127718.
890 nixnut 1.81
891     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
892     Stable on ppc. Bug #127718
893 johnm 1.80
894     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
895     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
896     -hardened-sources-2.6.14-r4.ebuild:
897     Cleanup.
898 johnm 1.79
899     *hardened-sources-2.6.14-r6 (15 Mar 2006)
900    
901     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
902     +hardened-sources-2.6.14-r6.ebuild:
903     Fixes grsec policy recreation bug and adds a
904     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
905 solar 1.78
906     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
907     - stable on x86
908 hansmi 1.77
909     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
910     hardened-sources-2.6.14-r5.ebuild:
911     Stable on ppc.
912 johnm 1.76
913     *hardened-sources-2.6.14-r5 (01 Feb 2006)
914    
915     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
916     +hardened-sources-2.6.14-r5.ebuild:
917     fixing every known exploit
918 solar 1.75
919     *hardened-sources-2.4.32-r2 (26 Jan 2006)
920    
921     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
922     +hardened-sources-2.4.32-r2.ebuild:
923     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
924 solar 1.74
925     *hardened-sources-2.6.14-r4 (12 Jan 2006)
926    
927     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
928     - version bump for new genpatches which fix up a few sec holes
929 solar 1.73
930     *hardened-sources-2.4.32-r1 (05 Jan 2006)
931    
932     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
933     - revision bump to add misc vital linux kernel security patches.
934 johnm 1.72
935     *hardened-sources-2.6.14-r3 (30 Dec 2005)
936    
937     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
938     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
939     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
940 johnm 1.71
941     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
942     hardened-sources-2.6.14-r2.ebuild:
943     making x86 & amd64 stable following testing.
944 johnm 1.70
945     *hardened-sources-2.6.14-r2 (27 Dec 2005)
946    
947     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
948     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
949     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
950     network hooks.
951 johnm 1.69
952     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
953     hardened-sources-2.6.14-r1.ebuild:
954     bumping to stable early for sec fix on x86 & amd64
955 johnm 1.68
956     *hardened-sources-2.6.14-r1 (05 Dec 2005)
957    
958     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
959     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
960     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
961 solar 1.67
962     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
963     - stable on x86 security bug #114227 CAN-2005-3257
964 kang 1.66
965     *hardened-sources-2.4.32 (19 Nov 2005)
966    
967     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
968     +hardened-sources-2.4.32.ebuild:
969     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
970     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
971     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
972     rsbac >> /etc/portage/package.use)
973 johnm 1.65
974     *hardened-sources-2.6.14 (14 Nov 2005)
975    
976     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
977     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
978     Bumping 2.6 series to 2.6.14.2
979 johnm 1.64
980     *hardened-sources-2.6.13-r2 (20 Oct 2005)
981    
982     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
983     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
984     +hardened-sources-2.6.13-r2.ebuild:
985     Fixes minor build error in ppc.
986 johnm 1.63
987     *hardened-sources-2.6.13-r1 (17 Oct 2005)
988    
989     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
990     +hardened-sources-2.6.13-r1.ebuild:
991     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
992     2.6.13.4, fixes some major amd64 stability problems.
993 johnm 1.62
994     *hardened-sources-2.6.13 (16 Sep 2005)
995    
996     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
997     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
998     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
999     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1000     users should test this thoroughly.
1001 solar 1.61
1002     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1003     - stable on x86
1004 johnm 1.60
1005     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1006    
1007     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1008     +hardened-sources-2.6.11-r15.ebuild:
1009     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1010     grsec redefining curr_ip struct.
1011 solar 1.59
1012     *hardened-sources-2.4.31 (20 Jun 2005)
1013    
1014     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1015     initial import of 2.4.31 tree
1016 johnm 1.58
1017     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1018    
1019     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1020     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1021     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1022     naming scheme to abide by genpatches
1023 johnm 1.57
1024     *hardened-sources-2.6.11-r13 (18 May 2005)
1025    
1026     18 May 2005; John Mylchreest <johnm@gentoo.org>
1027     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1028     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1029     target. sorry about that. Fixes bug #93022
1030 johnm 1.56
1031     *hardened-sources-2.6.11-r12 (17 May 2005)
1032    
1033     17 May 2005; John Mylchreest <johnm@gentoo.org>
1034     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1035     +hardened-sources-2.6.11-r12.ebuild:
1036     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1037     merges in genpatches-base
1038 johnm 1.55
1039     *hardened-sources-2.6.11-r12 (17 May 2005)
1040    
1041     17 May 2005; John Mylchreest <johnm@gentoo.org>
1042     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1043     +hardened-sources-2.6.11-r12.ebuild:
1044     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1045     merges in genpatches-base
1046 solar 1.54
1047     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1048     -files/2.4.27-cmdline-race.patch,
1049     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1050     -files/2.4.28-grsec-binfmt_a.out.patch,
1051     -files/2.4.28-grsec-cmdline-race.patch,
1052     -files/2.4.28-selinux-binfmt_a.out.patch,
1053     -files/2.4.28-selinux-cmdline-race.patch,
1054     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1055     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1056     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1057     cleanup..
1058 solar 1.53
1059     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1060    
1061     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1062     - disable aout by default
1063 solar 1.52
1064     *hardened-sources-2.4.30 (18 Apr 2005)
1065    
1066     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1067     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1068     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1069     use
1070 tocharian 1.50
1071 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1072    
1073     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1074     +hardened-sources-2.4.29.ebuild:
1075     New hardened-patches-2.4-29.0 patchball.
1076     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1077    
1078     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1079    
1080     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1081     +hardened-sources-2.4.28-r5.ebuild:
1082     Added a fix for a PaX vulnerability.
1083    
1084     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1085 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1086     Stable on x86
1087 solar 1.49
1088     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1089     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1090     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1091     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1092     - fixed/added RDEPEND= in all kernel-2 ebuilds
1093 tocharian 1.48
1094     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1095    
1096     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1097     +hardened-sources-2.4.28-r4.ebuild:
1098     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1099     backport of neighbour hash updates.
1100 tocharian 1.47
1101     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1102     hardened-sources-2.4.28-r3.ebuild:
1103     Stable on x86
1104 tseng 1.46
1105     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1106    
1107     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1108     +hardened-sources-2.6.10-r3.ebuild:
1109     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1110     in 2005.0
1111 tocharian 1.45
1112     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1113     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1114     hardened-sources-2.4.28-r2.ebuild:
1115     Mark stable on x86
1116 tocharian 1.44
1117     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1118    
1119     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1120     +hardened-sources-2.4.28-r3.ebuild:
1121     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1122 tocharian 1.43
1123     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1124     hardened-sources-2.4.28.ebuild:
1125     Mark stable on x86.
1126 tocharian 1.42
1127     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1128    
1129     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1130     +hardened-sources-2.4.28-r2.ebuild:
1131     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1132     Mazinger for grsecurity patches as well.
1133 plasmaroo 1.41
1134     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1135    
1136     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1137     Security bump. Thank tocharian for rolling a new patchset...
1138 solar 1.40
1139     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1140     +files/2.4.28-grsec-cmdline-race.patch,
1141     +files/2.4.28-selinux-binfmt_a.out.patch,
1142     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1143     - Round up remaining security patches that appear to be missing in 2.4.28. -
1144     PaX standalone updated to current. hgpv=28.1
1145 solar 1.39
1146     *hardened-sources-2.4.28 (28 Nov 2004)
1147    
1148     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1149     security bump. Thank tocharian for rolling a new patchset
1150 scox 1.31
1151 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1152    
1153     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1154     +hardened-sources-2.4.27-r3.ebuild:
1155     Applies the new 2.4-27.2 patchball which updates
1156     GRSecurity to the 2.0.1 version.
1157    
1158 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1159    
1160     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1161     +hardened-sources-2.4.27-r2.ebuild:
1162     Version bump.
1163     This version uses the new 2.4-27.1 patchball which updates
1164     both the SELinux PaX hooks patch and the SELinux headers.
1165    
1166 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1167    
1168     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1169     +hardened-sources-2.4.27-r1.ebuild,
1170     -hardened-sources-2.4.27.ebuild,
1171     +files/2.4.27-cmdline-race.patch:
1172     Version bump, fix for cmdline race. See bug #59905.
1173    
1174     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1175    
1176     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1177     +hardened-sources-2.4.26-r6.ebuild,
1178     -hardened-sources-2.4.26-r5.ebuild,
1179     -hardened-sources-2.4.26-r4.ebuild,
1180     +files/2.4.26-cmdline-race.patch:
1181     Version bump, fix for cmdline race. See bug #59905.
1182    
1183 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1184    
1185     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1186     +hardened-sources-2.4.27.ebuild,
1187     +files/2.4.27-CAN-2004-0394.patch:
1188     Ported the patchball to the 2.4.27 kernel version.
1189    
1190 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1191    
1192     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1193     +hardened-sources-2.4.26-r5.ebuild:
1194 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1195 scox 1.34 It adds the following features:
1196     - Squashfs
1197     - Ebtables
1198     - Netdev random (core+drivers)
1199     - Watchdog Timer (WDT) fix.
1200    
1201 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1202    
1203     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1204     +hardened-sources-2.4.26-r4.ebuild,
1205     +files/2.4.26-CAN-2004-0415.patch,
1206     -hardened-sources-2.4.26-3:
1207     Version bump, fix for CAN 0415, see bug #59378.
1208    
1209 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1210    
1211     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1212     +hardened-sources-2.4.26-r3.ebuild,
1213     +files/2.4.26-CAN-2004-0497.patch,
1214     -hardened-sources-2.4.26-r2.ebuild:
1215     Version bump, fixed CAN 0497, see bug #56171.
1216    
1217 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1218    
1219     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1220 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1221 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1222     +files/2.4.26-CAN-2004-0535.patch,
1223     -hardened-sources-2.4.26-r1.ebuild:
1224     Fixes for both CAN 0495 and 0535, see bug #54976
1225 pvdabeel 1.27
1226 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1227     hardened-sources-2.4.26-r1.ebuild:
1228     QA - fix use invocation
1229 scox 1.28
1230     *hardened-sources-2.4.26-r1 (22 June 2004)
1231    
1232     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1233     +hardened-sources-2.4.26-r1.ebuild,
1234     +files/2.4.26-CAN-2004-0394.patch,
1235     +files/2.4.26-signal-race.patch,
1236     -hardened-sources-2.4.26.ebuild,
1237     -hardened-sources-2.4.24-r3.ebuild:
1238     Version bump for the CAN-2004-0394 issue and bug #53804
1239     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1240    
1241    
1242 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1243     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1244     Masked hardened-sources-2.4.26.ebuild broken for ppc
1245    
1246     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1247     hardened-sources-2.4.24-r3.ebuild:
1248     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1249 plasmaroo 1.25
1250 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1251    
1252     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1253     +hardened-sources-2.4.26.ebuild:
1254     Updated hardened-sources for the 2.4.26 kernel
1255     Removed broken components, updated almost everything.
1256    
1257 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1258    
1259     17 Apr 2004; <plasmaroo@gentoo.org>
1260     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1261     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1262     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1263     +hardened-sources-2.4.24-r3.ebuild:
1264     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1265     vulnerabilities. Old revisions removed.
1266 plasmaroo 1.24
1267     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1268    
1269     15 Apr 2004; <plasmaroo@gentoo.org>
1270     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1271     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1272     Version bump for the CAN-2004-0109 issue; bug #47881.
1273 aliz 1.23
1274     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1275     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1276     Add eutils to inherit.
1277 plasmaroo 1.22
1278     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1279    
1280     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1281     files/hardened-sources-2.4.24.munmap.patch:
1282     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1283 scox 1.19
1284 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1285 scox 1.26
1286 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1287     hardened-sources-2.4.24.ebuild:
1288     Version bump, updated most of the components.
1289     This release includes the following:
1290    
1291     - Hardened security
1292     - Netfilter patch-o-matic 20031219
1293     - FreeSWAN 2.04 & x509 1.4.8
1294     - EVMS 2.2.2
1295     - XFS 1.3.1
1296     - cryptoloop jari
1297     - grsecurity 2.0-rc4
1298     - SELinux
1299     - PaX 200402060000
1300     - PaX Obscurity 200308302223
1301     - Others...
1302    
1303     Neither -ck nor systrace are included anymore.
1304    
1305 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1306    
1307     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1308     hardened-sources-2.4.22-r2.ebuild:
1309 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1310 scox 1.19
1311     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1312 iggy 1.17
1313     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1314 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1315 iggy 1.16
1316     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1317 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1318     Version bump for the 'do_brk' vulnerability.
1319 iggy 1.15
1320     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1321     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1322     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1323     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1324 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1325 frogger 1.14
1326     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1327     hardened-sources-2.4.22.ebuild:
1328 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1329     components. These are no longer handled in the kernel
1330     so this code was not necessary.
1331 frogger 1.13
1332     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1333     New 2.4.22 based hardened-sources thanks to
1334     Phil West <p.west@computer.org>.
1335    
1336     These sources include:
1337 plasmaroo 1.18 - New SELinux API
1338     - Updated CK-base
1339     - Updated GRSec
1340     - Systrace
1341     - SuperFreeS/WAN 1.99.8
1342     - Propolice kernel build support
1343     - EVMS
1344     - Other various security related patches
1345 frogger 1.11
1346 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1347    
1348     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1349     Updated hardened-sources based on the 2.4.21 Linux kernel.
1350     This includes updates to most major components such as:
1351 plasmaroo 1.18 - ck-base-0306300059
1352     - selinux-2.4-2003071106
1353     - grsecurity-2.0-rc1
1354     - Updated IPTables patch-o-matic
1355     - Updated SuperFreeS/WAN
1356    
1357 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1358     updated patch set ready for the 2.4.21 based kernel.
1359    
1360 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1361     Initial import of hardened-sources-2.4.20-r4. This revision
1362     includes only a few changes, but one of these is an important
1363     security fix. It is recommended all users of hardened-sources
1364     upgrade to this release.
1365 plasmaroo 1.18
1366 frogger 1.11 - ioperm bug fix
1367     - fixed compilation failure when building without GRSec
1368 plasmaroo 1.18
1369 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1370     due to time constraints, but is planned for inclusion in the near
1371     future.
1372 msterret 1.10
1373     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1374    
1375     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1376     hardened-sources-2.4.20-r3.ebuild:
1377 plasmaroo 1.18 Add Header...
1378 frogger 1.9
1379     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1380     hardened-sources-2.4.20-r3.ebuild:
1381     Removed warnings from ebuild. This kernel should be safe to
1382     use at this point.
1383 frogger 1.8
1384     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1385    
1386     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1387     hardened-sources-2.4.20-r3.ebuild:
1388     New revision. Includes the following changes over -r2:
1389 plasmaroo 1.18
1390 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1391     - Super FreeS/WAN 1.99.7rc2
1392     - PaX for the LSM/SELinux branch
1393     - GRSecurity 2.0-pre4 (role based access control)
1394     - Systrace 1.3
1395     - EXT3 fixes
1396     - EVMS 2.0.1
1397     - GCC 3.1+ compile optimizations
1398     - ProPolice kernel build support
1399     - Hashing table security fixes
1400 frogger 1.3
1401     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1402 frogger 1.7
1403     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1404     Initial import of hardened-sources-r2. This new
1405     ebuild includes many new performance and security
1406     related patches. As in -r1, it will patch in
1407     LSM/SELinux if "selinux" is in USE, otherwise it
1408     will patch in GRSecurity. The following patches
1409     are included in this revision:
1410 plasmaroo 1.18
1411 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1412     (pulled from the base CK patch)
1413     - ptrace exploit patch for the LSM kernel
1414     (the GRSec patch already fixes this)
1415     - LSM 2.4-2003040709
1416     - SELinux 2.4-2003040709
1417     - Systrace v1.2
1418     - IPTables patch-o-matic base patches - 20030107
1419     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1420     - Super FreeS/WAN 1.99.6.1
1421     - GRSecurity 1.9.9g
1422     - MPPE
1423     - EXT3 data journal fix
1424     - CIPE 1.5.4
1425 frogger 1.6
1426     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1427     hardened-sources-2.4.20-r1.ebuild, manifest:
1428 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1429 frogger 1.5
1430     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1431     hardened-sources-2.4.20-r1.ebuild:
1432     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1433     is patched in instead. Ptrace patches for selinux have also been added. In
1434     either case, systrace support will be patched in as well.
1435 frogger 1.3
1436     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1437     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1438 plasmaroo 1.18 Revision bump for new sources.
1439 frogger 1.4
1440 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1441 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1442 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1443 method 1.1
1444 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1445    
1446 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1447     hardened-sources-2.4.20.ebuild:
1448 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20