/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.242 - (hide annotations) (download)
Wed Sep 17 02:02:13 2008 UTC (6 years, 11 months ago) by gengor
Branch: MAIN
Changes since 1.241: +5 -1 lines
Stable 2.6.25-r7 on amd64/x86.
(Portage version: 2.1.4.4)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.242 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.241 2008/09/13 20:09:11 gengor Exp $
4    
5     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
6     hardened-sources-2.6.25-r7.ebuild:
7     Stable amd64/x86.
8 gengor 1.241
9     *hardened-sources-2.6.26-r2 (13 Sep 2008)
10    
11     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
12     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
13     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
14     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
15 gengor 1.240
16     *hardened-sources-2.6.25-r7 (13 Sep 2008)
17    
18     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
19     +hardened-sources-2.6.25-r7.ebuild:
20     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
21 gengor 1.239
22     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
23     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
24     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
25     hardened-sources-2.6.26-r1.ebuild:
26     Update DESCRIPTION and HGPV_URI.
27 gengor 1.238
28     *hardened-sources-2.6.25-r6 (09 Sep 2008)
29    
30     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
31     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
32     2.6.25-r6: Update to Linux 2.6.25.17.
33     2.6.24-r3: Removed.
34 gengor 1.237
35     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
36     hardened-sources-2.6.25-r5.ebuild:
37     Stable on amd64/x86
38 gengor 1.236
39     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
40     Update my email address.
41 nixnut 1.235
42     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
43     stable on ppc
44 battousai 1.234
45     *hardened-sources-2.6.26-r1 (23 Aug 2008)
46     *hardened-sources-2.6.25-r5 (23 Aug 2008)
47    
48     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
49     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
50     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
51     +hardened-sources-2.6.26-r1.ebuild:
52     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
53     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
54     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
55     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
56     (gengor).
57 solar 1.233
58     *hardened-sources-2.6.26 (18 Aug 2008)
59     *hardened-sources-2.6.25-r4 (18 Aug 2008)
60    
61     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
62     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
63     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
64     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
65     2.6.25-r2: Removed.
66 tove 1.232
67     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
68     Remove phreak from metadata.xml (#96398)
69 solar 1.231
70     *hardened-sources-2.6.25-r3 (31 Jul 2008)
71    
72     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
73     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
74     +hardened-sources-2.6.25-r3.ebuild:
75     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
76     fixes, including security bug #231750.
77 nixnut 1.230
78     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
79     Stable on ppc
80 solar 1.229
81     *hardened-sources-2.6.25-r2 (05 Jul 2008)
82    
83     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
84     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
85     +hardened-sources-2.6.25-r2.ebuild:
86     2.6.23-r4: Stable x86/amd64
87     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
88     2.6.23-r{11,12}: Removed due to multiple vulns.
89     (gengor & kerframil)
90 nixnut 1.228
91     04 Jul 2008; nixnut <nixnut@gentoo.org>
92     hardened-sources-2.6.23-r13.ebuild:
93     Stable on ppc
94 solar 1.227
95     *hardened-sources-2.6.25-r1 (30 Jun 2008)
96    
97     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
98     +hardened-sources-2.6.25-r1.ebuild:
99     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
100     grsecurity release. 2.6.23-r13: x86/amd64 stable
101 solar 1.226
102     *hardened-sources-2.6.25 (17 Jun 2008)
103     *hardened-sources-2.6.24-r3 (17 Jun 2008)
104     *hardened-sources-2.6.23-r13 (17 Jun 2008)
105    
106     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
107     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
108     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
109     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
110     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
111     2.6.25: Initial 2.6.25 release.
112 solar 1.225
113     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
114     - fasttrack to stable x86/amd64
115 swegener 1.224
116     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
117     Fix broken digest for linux-2.6.24.tar.bz2.
118 solar 1.223
119     *hardened-sources-2.6.24-r2 (11 May 2008)
120     *hardened-sources-2.6.23-r12 (11 May 2008)
121    
122     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
123     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
124     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
125     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
126     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
127     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
128     security bugs 219901, 220691, 220975, 220979, 221123. New
129     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
130     should be removed as far as I'm concerned, everything else remove due to
131     vulnerable to numerous security bugs or brokeness.
132 nixnut 1.222
133     10 May 2008; nixnut <nixnut@gentoo.org>
134     hardened-sources-2.6.23-r11.ebuild:
135     Stable on ppc
136 solar 1.221
137     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
138     - -r11 stable on x86/amd64
139 solar 1.220
140     *hardened-sources-2.6.23-r11 (01 May 2008)
141    
142     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
143     - version bump to fix ulgy linux bugs
144 phreak 1.219
145     *hardened-sources-2.6.24-r1 (30 Apr 2008)
146    
147     30 Apr 2008; Christian Heim <phreak@gentoo.org>
148     +hardened-sources-2.6.24-r1.ebuild:
149     Revision bump (thanks to Kerin and Gordon, again), pulling
150     genpatches-2.6.24-7, solving #219089. Additionally contains further security
151     fixes plus some minor updates.
152 phreak 1.218
153     *hardened-sources-2.6.23-r10 (30 Apr 2008)
154    
155     30 Apr 2008; Christian Heim <phreak@gentoo.org>
156     +hardened-sources-2.6.23-r10.ebuild:
157     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
158     Additional contains "various other fixes".
159 phreak 1.217
160     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
161     Update the longdescription in metadata, thanks to Gordon Malm.
162 nixnut 1.216
163     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
164     Stable on ppc wrt bug #213255
165 solar 1.215
166     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
167     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
168     - stable on x86/amd64 per request. Removed obsolete ebuilds
169 phreak 1.214
170     *hardened-sources-2.6.24 (07 Apr 2008)
171    
172     07 Apr 2008; Christian Heim <phreak@gentoo.org>
173     +hardened-sources-2.6.24.ebuild:
174     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
175     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
176     for the many contributions and their continued effort in #216612) based on
177     2.6.24 and genpatches-2.6.24-5.
178    
179     The current ebuild/patchset contains these things:
180     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
181     * Introduces bespoke server and workstation oriented security levels
182     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
183 phreak 1.213
184     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
185     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
186     maintaining it).
187 phreak 1.212
188     24 Mar 2008; Christian Heim <phreak@gentoo.org>
189     hardened-sources-2.4.35-r2.ebuild:
190     Fixing SRC_URI for 2.4.35-r2.
191 phreak 1.211
192     *hardened-sources-2.6.23-r9 (22 Mar 2008)
193    
194     22 Mar 2008; Christian Heim <phreak@gentoo.org>
195     +hardened-sources-2.6.23-r9.ebuild:
196     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
197     * Change the default GIDs for some grsecurity options
198     * Revamp the Hardened [Gentoo] security level and make it the default level
199     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
200     * Fix a recursive lock -- call to capable() within ptrace_attach()
201     * Fix bug that allows audit and iscsi operations to be controlled via netlink
202 solar 1.210
203     *hardened-sources-2.6.23-r8 (27 Feb 2008)
204    
205     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
206     - version bump from Kerin Millar bug 210026
207 solar 1.209
208     17 Feb 2008; <solar@gentoo.org> metadata.xml,
209     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
210     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
211     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
212     - stable on x86 and remove old ebuilds
213 solar 1.207
214     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
215 solar 1.208 - stable on amd64 per request of amd64 lead
216 solar 1.206
217     *hardened-sources-2.6.23-r7 (11 Feb 2008)
218    
219     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
220     - version bump from kerin.millar
221     Changes:
222    
223     * Bump to genpatches-base-2.6.23-9
224     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
225     * Disables COMPAT_VDSO in x86/defconfig
226     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
227 phreak 1.205
228     25 Jan 2008; Christian Heim <phreak@gentoo.org>
229     -hardened-sources-2.6.22-r8.ebuild:
230     Cleaning up old versions.
231 phreak 1.204
232     *hardened-sources-2.6.23-r6 (25 Jan 2008)
233    
234     25 Jan 2008; Christian Heim <phreak@gentoo.org>
235     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
236     Revision bump, pulling in the latest genpatches.
237 phreak 1.203
238     *hardened-sources-2.6.23-r5 (24 Dec 2007)
239    
240     24 Dec 2007; Christian Heim <phreak@gentoo.org>
241     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
242     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
243     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
244     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
245 phreak 1.202
246     24 Dec 2007; Christian Heim <phreak@gentoo.org>
247     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
248     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
249     -hardened-sources-2.6.23-r3.ebuild:
250     Cleaning out some unused, old versions.
251 phreak 1.201
252     24 Dec 2007; Christian Heim <phreak@gentoo.org>
253     hardened-sources-2.6.23-r4.ebuild:
254     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
255     in the tree for long, but there isn't much of a difference between this and
256     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
257 phreak 1.200
258     *hardened-sources-2.6.23-r4 (23 Dec 2007)
259    
260     23 Dec 2007; Christian Heim <phreak@gentoo.org>
261     +hardened-sources-2.6.23-r4.ebuild:
262     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
263 phreak 1.199
264     *hardened-sources-2.6.23-r3 (04 Dec 2007)
265    
266     04 Dec 2007; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.6.23-r3.ebuild:
268     Revision bump, pulling in 2.6.23.9.
269 phreak 1.198
270     *hardened-sources-2.6.23-r2 (25 Nov 2007)
271    
272     25 Nov 2007; Christian Heim <phreak@gentoo.org>
273     +hardened-sources-2.6.23-r2.ebuild:
274     Updated patchset, thanks to solar.
275 phreak 1.197
276     *hardened-sources-2.6.23-r1 (31 Oct 2007)
277    
278     31 Oct 2007; Christian Heim <phreak@gentoo.org>
279     +hardened-sources-2.6.23-r1.ebuild:
280     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
281 solar 1.196
282     29 Oct 2007; <solar@gentoo.org> metadata.xml:
283     - update metadata.xml
284 phreak 1.195
285     25 Oct 2007; Christian Heim <phreak@gentoo.org>
286     hardened-sources-2.6.22-r8.ebuild:
287     Marking 2.6.22-r8 stable on amd64 and x86.
288 phreak 1.194
289     21 Oct 2007; Christian Heim <phreak@gentoo.org>
290     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
291     -hardened-sources-2.6.21-r4.ebuild:
292     Removing old ebuilds.
293 phreak 1.193
294     *hardened-sources-2.4.35-r2 (21 Oct 2007)
295    
296     21 Oct 2007; Christian Heim <phreak@gentoo.org>
297     +hardened-sources-2.4.35-r2.ebuild:
298     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
299     patches.
300 phreak 1.192
301     *hardened-sources-2.6.22-r8 (21 Oct 2007)
302    
303     21 Oct 2007; Christian Heim <phreak@gentoo.org>
304     +hardened-sources-2.6.22-r8.ebuild:
305     Yet another new patch, hopefully fixing the remaining issues we had w/
306     2.6.22. Candidate for stabling.
307 phreak 1.191
308     *hardened-sources-2.6.23 (13 Oct 2007)
309    
310     13 Oct 2007; Christian Heim <phreak@gentoo.org>
311     +hardened-sources-2.6.23.ebuild:
312     Initial hardened-sources-2.6.23. If people still have problems w/ bug
313     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
314 phreak 1.190
315     11 Oct 2007; Christian Heim <phreak@gentoo.org>
316     hardened-sources-2.6.20-r10.ebuild:
317     Pulling in yet another new genpatches version, fixing the PWC bug for real.
318 phreak 1.189
319     04 Oct 2007; Christian Heim <phreak@gentoo.org>
320     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
321     Removing old versions.
322 phreak 1.188
323     *hardened-sources-2.6.22-r7 (01 Oct 2007)
324    
325     01 Oct 2007; Christian Heim <phreak@gentoo.org>
326     +hardened-sources-2.6.22-r7.ebuild:
327     Revision bump, pulling in a newer patch. Should fix #194276.
328 phreak 1.187
329     30 Sep 2007; Christian Heim <phreak@gentoo.org>
330     hardened-sources-2.6.20-r10.ebuild:
331     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
332     Mike Doty).
333 phreak 1.186
334     *hardened-sources-2.6.22-r6 (26 Sep 2007)
335    
336     26 Sep 2007; Christian Heim <phreak@gentoo.org>
337     +hardened-sources-2.6.22-r6.ebuild:
338     Revision bump, grabbing up till Linux 2.6.22.9.
339 phreak 1.185
340     24 Sep 2007; Christian Heim <phreak@gentoo.org>
341     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
342     Cleaning up further.
343 phreak 1.184
344     *hardened-sources-2.6.20-r10 (24 Sep 2007)
345    
346     24 Sep 2007; Christian Heim <phreak@gentoo.org>
347     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
348     +hardened-sources-2.6.20-r10.ebuild:
349     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
350     revisions.
351 phreak 1.183
352     *hardened-sources-2.6.22-r5 (22 Sep 2007)
353    
354     22 Sep 2007; Christian Heim <phreak@gentoo.org>
355     +hardened-sources-2.6.22-r5.ebuild:
356     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
357 phreak 1.182
358     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
359     Removing johnm from metadata.xml (see #186467 for reference).
360 phreak 1.181
361     *hardened-sources-2.6.22-r4 (17 Sep 2007)
362    
363     17 Sep 2007; Christian Heim <phreak@gentoo.org>
364     +hardened-sources-2.6.22-r4.ebuild:
365     Revision bump, hopefully fixing all those weird PAX failures.
366 phreak 1.180
367     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
368     Updating the metadata.xml.
369 phreak 1.179
370     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
371     Removing tocharian from metadata due to his retirement (see #71718 for
372     reference).
373 phreak 1.178
374     *hardened-sources-2.6.20-r9 (30 Aug 2007)
375    
376     30 Aug 2007; Christian Heim <phreak@gentoo.org>
377     +hardened-sources-2.6.20-r9.ebuild:
378     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
379 phreak 1.177
380     29 Aug 2007; Christian Heim <phreak@gentoo.org>
381     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
382     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
383     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
384     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
385     -hardened-sources-2.6.22-r2.ebuild:
386     Removing some redundant versions.
387 phreak 1.176
388     *hardened-sources-2.4.35-r1 (29 Aug 2007)
389    
390     29 Aug 2007; Christian Heim <phreak@gentoo.org>
391     +hardened-sources-2.4.35-r1.ebuild:
392     Revision bump, new grsecurity patch.
393 phreak 1.175
394     *hardened-sources-2.6.20-r8 (26 Aug 2007)
395    
396     26 Aug 2007; Christian Heim <phreak@gentoo.org>
397     +hardened-sources-2.6.20-r8.ebuild:
398     Revision bump for Linux 2.6.20.17.
399 phreak 1.174
400     *hardened-sources-2.6.22-r3 (22 Aug 2007)
401    
402     22 Aug 2007; Christian Heim <phreak@gentoo.org>
403     +hardened-sources-2.6.22-r3.ebuild:
404     Revision bump for Linux 2.6.22.4.
405 phreak 1.173
406     16 Aug 2007; Christian Heim <phreak@gentoo.org>
407     hardened-sources-2.6.22-r2.ebuild:
408     Updated patchset, to fix the alignment against 2.6.22.3.
409 phreak 1.172
410     *hardened-sources-2.6.22-r2 (16 Aug 2007)
411    
412     16 Aug 2007; Christian Heim <phreak@gentoo.org>
413     +hardened-sources-2.6.22-r2.ebuild:
414     Revision bump for Linux 2.6.22.3.
415 phreak 1.171
416     *hardened-sources-2.4.35 (16 Aug 2007)
417    
418     16 Aug 2007; Christian Heim <phreak@gentoo.org>
419     +hardened-sources-2.4.35.ebuild:
420     Version bump, initial version for Linux 2.4.35.
421 phreak 1.170
422     *hardened-sources-2.6.21-r4 (16 Aug 2007)
423    
424     16 Aug 2007; Christian Heim <phreak@gentoo.org>
425     +hardened-sources-2.6.21-r4.ebuild:
426     Revision bump for Linux 2.6.21.6.
427 phreak 1.169
428     *hardened-sources-2.6.20-r7 (16 Aug 2007)
429    
430     16 Aug 2007; Christian Heim <phreak@gentoo.org>
431     +hardened-sources-2.6.20-r7.ebuild:
432     Revision bump for Linux 2.6.20.16.
433 phreak 1.168
434     *hardened-sources-2.6.22-r1 (13 Aug 2007)
435    
436     13 Aug 2007; Christian Heim <phreak@gentoo.org>
437     +hardened-sources-2.6.22-r1.ebuild:
438     Yet another revision bump.
439 phreak 1.167
440     *hardened-sources-2.6.22 (10 Aug 2007)
441    
442     10 Aug 2007; Christian Heim <phreak@gentoo.org>
443     +hardened-sources-2.6.22.ebuild:
444     Initial release for 2.6.22. If you are using hardened-sources on a desktop
445     machine (P4 or newer), be aware you might need to disable
446     CONFIG_PAX_PAGEEXEC.
447 phreak 1.166
448     04 Aug 2007; Christian Heim <phreak@gentoo.org>
449     hardened-sources-2.6.20-r6.ebuild:
450     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
451     2.6.20.15.
452 phreak 1.165
453     10 Jul 2007; Christian Heim <phreak@gentoo.org>
454     hardened-sources-2.6.20-r5.ebuild:
455     Marking hardened-sources-2.6.20-r5 stable on ppc.
456 phreak 1.164
457     10 Jul 2007; Christian Heim <phreak@gentoo.org>
458     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
459     Cleanup.
460 phreak 1.163
461     *hardened-sources-2.6.20-r6 (08 Jul 2007)
462    
463     08 Jul 2007; Christian Heim <phreak@gentoo.org>
464     +hardened-sources-2.6.20-r6.ebuild:
465     Revision bump, grabbing yet another stable release.
466 phreak 1.162
467     17 Jun 2007; Christian Heim <phreak@gentoo.org>
468     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
469     -hardened-sources-2.6.21-r2.ebuild:
470     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
471     alpha stable KEYWORD by mistake.
472 phreak 1.161
473     17 Jun 2007; Christian Heim <phreak@gentoo.org>
474     hardened-sources-2.6.20-r5.ebuild:
475     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
476     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
477 phreak 1.160
478     *hardened-sources-2.6.21-r3 (12 Jun 2007)
479    
480     12 Jun 2007; Christian Heim <phreak@gentoo.org>
481     +hardened-sources-2.6.21-r3.ebuild:
482     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
483     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
484     love.
485 phreak 1.159
486     *hardened-sources-2.6.20-r5 (11 Jun 2007)
487    
488     11 Jun 2007; Christian Heim <phreak@gentoo.org>
489     +hardened-sources-2.6.20-r5.ebuild:
490     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
491     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
492     love.
493 pappy 1.158
494     *hardened-sources-2.4.34.5 (11 Jun 2007)
495    
496     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
497     +hardened-sources-2.4.34.5.ebuild:
498     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
499 phreak 1.157
500     30 May 2007; Christian Heim <phreak@gentoo.org>
501     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
502     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
503     stale ebuild(s).
504 phreak 1.156
505     30 May 2007; Christian Heim <phreak@gentoo.org>
506     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
507     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
508     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
509     Doing some cleanups, remove stale ebuilds.
510 phreak 1.155
511     26 May 2007; Christian Heim <phreak@gentoo.org>
512     hardened-sources-2.6.21-r2.ebuild:
513     Fixing the grsecurity patch, had one '};' too much.
514 phreak 1.154
515     *hardened-sources-2.6.21-r2 (26 May 2007)
516    
517     26 May 2007; Christian Heim <phreak@gentoo.org>
518     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
519     +hardened-sources-2.6.21-r2.ebuild:
520     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
521     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
522 phreak 1.153
523     *hardened-sources-2.6.20-r4 (26 May 2007)
524    
525     26 May 2007; Christian Heim <phreak@gentoo.org>
526     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
527     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
528 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
529 phreak 1.152
530     15 May 2007; Christian Heim <phreak@gentoo.org>
531     hardened-sources-2.6.20-r3.ebuild:
532     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
533     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
534     grsecurity patch fail in that exact same hunk.
535 phreak 1.151
536     *hardened-sources-2.6.20-r3 (15 May 2007)
537    
538     15 May 2007; Christian Heim <phreak@gentoo.org>
539     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
540     Revision bump, incorporating Linux 2.6.20.11.
541    
542     *hardened-sources-2.6.21-r1 (11 May 2007)
543    
544     11 May 2007; Christian Heim <phreak@gentoo.org>
545     +hardened-sources-2.6.21-r1.ebuild:
546     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
547     mentioned in #177234.
548 kevquinn 1.150
549     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
550     files/digest-hardened-sources-2.6.21, Manifest:
551     Fix Manifest/digest for linux-2.6.21.tar.bz2
552 phreak 1.149
553     06 May 2007; Christian Heim <phreak@gentoo.org>
554     hardened-sources-2.6.21.ebuild:
555     Bumping the hardened-patches version, needed for the fix for #177234.
556 phreak 1.148
557     *hardened-sources-2.6.21 (02 May 2007)
558    
559     02 May 2007; Christian Heim <phreak@gentoo.org>
560     +hardened-sources-2.6.21.ebuild:
561     Version bump, Linux 2.6.21-hardened.
562 phreak 1.147
563     29 Apr 2007; Christian Heim <phreak@gentoo.org>
564     hardened-sources-2.6.20-r2.ebuild:
565     Adding ~ia64 on Ned's request.
566 phreak 1.146
567     29 Apr 2007; Christian Heim <phreak@gentoo.org>
568     hardened-sources-2.6.20-r2.ebuild:
569     Fixing the included grsecurity patch, wasn't alligning due to the Index:
570     header line(s).
571 phreak 1.145
572     29 Apr 2007; Christian Heim <phreak@gentoo.org>
573     hardened-sources-2.6.20-r2.ebuild:
574     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
575 armin76 1.144
576     *hardened-sources-2.6.20-r2 (10 Apr 2007)
577    
578     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
579     +hardened-sources-2.6.20-r2.ebuild:
580     Version bump, on behalf of phreak
581 phreak 1.143
582     *hardened-sources-2.6.20-r1 (04 Apr 2007)
583    
584     04 Apr 2007; Christian Heim <phreak@gentoo.org>
585     +hardened-sources-2.6.20-r1.ebuild:
586     Revision bump, grabbing a newer grsecurity snapshot.
587 phreak 1.142
588     *hardened-sources-2.6.20 (25 Mar 2007)
589    
590     25 Mar 2007; Christian Heim <phreak@gentoo.org>
591     +hardened-sources-2.6.20.ebuild:
592     Finally a hardened-sources version for 2.6.20; many people have been waiting
593     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
594     testbox.
595 chainsaw 1.141
596     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
597     hardened-sources-2.6.18-r6.ebuild:
598     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
599 phreak 1.140
600     *hardened-sources-2.6.18-r6 (16 Mar 2007)
601    
602     16 Mar 2007; Christian Heim <phreak@gentoo.org>
603     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
604     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
605     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
606     supposed to be.
607 phreak 1.139
608     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
609     Fixing the Manifest, the previous one was broken (as in still had the
610     deleted ebuild in it).
611 phreak 1.138
612     06 Mar 2007; Christian Heim <phreak@gentoo.org>
613     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
614     +hardened-sources-2.6.18-r5.ebuild:
615     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
616     Linux 2.6.18.8. Also cleaning up the older version.
617    
618     *hardened-sources-2.6.18-r5 (06 Mar 2007)
619    
620     06 Mar 2007; Christian Heim <phreak@gentoo.org>
621     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
622     +hardened-sources-2.6.18-r5.ebuild:
623     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
624     Linux 2.6.18.8. Also cleaning up the older version.
625 phreak 1.137
626     24 Feb 2007; Christian Heim <phreak@gentoo.org>
627     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
628     -hardened-sources-2.6.19-r5.ebuild:
629     Removing some of the old version, that didn't work.
630 phreak 1.136
631     *hardened-sources-2.6.19-r6 (12 Feb 2007)
632    
633     12 Feb 2007; Christian Heim <phreak@gentoo.org>
634     +hardened-sources-2.6.19-r6.ebuild:
635     Revision bump, including a new grsec version fixing #166235.
636 pappy 1.134
637     *hardened-sources-2.4.34 (24 Jan 2007)
638    
639     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
640 pappy 1.135 Manifest:
641     updating Manifest with checksums of new tarball and ebuild
642    
643     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
644 pappy 1.134 +hardened-sources-2.4.34.ebuild:
645     I added new hardened sources 2.4 update, this is a critical path
646     security bugfix - all users of h-s are strongly advised
647     to update their existing hardened sources to this version.
648     It contains a fix for a kernel vulnerability that is pertaining
649     to the PaX changes to virtual memory management, possibly leading
650     to a local kernel exploit ... see grsecurity.net forums and homepage
651 phreak 1.133
652     23 Jan 2007; Christian Heim <phreak@gentoo.org>
653     files/digest-hardened-sources-2.6.19-r5, Manifest:
654     Fixing the patch-tarball digest.
655 phreak 1.132
656     *hardened-sources-2.6.19-r5 (23 Jan 2007)
657    
658     23 Jan 2007; Christian Heim <phreak@gentoo.org>
659     +hardened-sources-2.6.19-r5.ebuild:
660     Revision bump, closing the recently discovered PaX expand_stack()
661     vulnerability.
662 phreak 1.131
663     *hardened-sources-2.6.19-r4 (14 Jan 2007)
664    
665     14 Jan 2007; Christian Heim <phreak@gentoo.org>
666     +hardened-sources-2.6.19-r4.ebuild:
667     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
668     dropping the randomized PID feature.
669 opfer 1.130
670     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
671     hardened-sources-2.4.33.4.ebuild:
672     stable x86, bug #161171
673 phreak 1.129
674     *hardened-sources-2.6.19-r3 (27 Dec 2006)
675    
676     27 Dec 2006; Christian Heim <phreak@gentoo.org>
677     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
678     Revision bump for bug #157186 and #158786.
679 phreak 1.128
680     *hardened-sources-2.6.18-r4 (27 Dec 2006)
681    
682     27 Dec 2006; Christian Heim <phreak@gentoo.org>
683     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
684     Revision bump for bug #157186.
685 phreak 1.127
686     *hardened-sources-2.6.19-r2 (23 Dec 2006)
687    
688     23 Dec 2006; Christian Heim <phreak@gentoo.org>
689     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
690     Revision bump to pull in genpatches-2.6.19-3 for #157186.
691 phreak 1.126
692     17 Dec 2006; Christian Heim <phreak@gentoo.org>
693     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
694     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
695     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
696     hardened-sources-2.6.19-r1.ebuild:
697     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
698     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
699 pappy 1.125
700     *hardened-sources-2.4.33.4 (17 Dec 2006)
701    
702     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
703     +hardened-sources-2.4.33.4.ebuild:
704     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
705     and quilting
706 phreak 1.124
707     *hardened-sources-2.6.19-r1 (14 Dec 2006)
708    
709     14 Dec 2006; Christian Heim <phreak@gentoo.org>
710     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
711     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
712     for reporting).
713 phreak 1.123
714     *hardened-sources-2.6.19 (13 Dec 2006)
715    
716     13 Dec 2006; Christian Heim <phreak@gentoo.org>
717     +hardened-sources-2.6.19.ebuild:
718     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
719     Brad for providing that prompt update.
720 phreak 1.122
721     *hardened-sources-2.6.18-r3 (13 Dec 2006)
722    
723     13 Dec 2006; Christian Heim <phreak@gentoo.org>
724     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
725     +hardened-sources-2.6.18-r3.ebuild:
726     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
727     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
728 phreak 1.121
729     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
730     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
731 nixnut 1.120
732     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
733     Stable on ppc wrt bug 157356
734 opfer 1.119
735     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
736     hardened-sources-2.6.18.ebuild:
737     stable x86, bug #157356
738 phreak 1.118
739     *hardened-sources-2.6.18-r2 (06 Dec 2006)
740    
741     06 Dec 2006; Christian Heim <phreak@gentoo.org>
742     +hardened-sources-2.6.18-r2.ebuild:
743     Revision bump, including 2.6.18.5 (via genpatches) and
744     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
745     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
746     redesign.
747 phreak 1.117
748     06 Dec 2006; Christian Heim <phreak@gentoo.org>
749     hardened-sources-2.6.18.ebuild:
750     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
751     of Mike Doty).
752 phreak 1.116
753     *hardened-sources-2.6.18-r1 (23 Nov 2006)
754    
755     23 Nov 2006; Christian Heim <phreak@gentoo.org>
756     +hardened-sources-2.6.18-r1.ebuild:
757     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
758 phreak 1.115
759     *hardened-sources-2.6.18 (11 Nov 2006)
760    
761     11 Nov 2006; Christian Heim <phreak@gentoo.org>
762     +hardened-sources-2.6.18.ebuild:
763     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
764 solar 1.114
765     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
766     - mark amd64 stable also. bug #151877
767 solar 1.113
768     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
769     - mark 2.6.17-r1 stable
770 phreak 1.112
771     27 Aug 2006; Christian Heim <phreak@gentoo.org>
772     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
773     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
774 phreak 1.111
775     *hardened-sources-2.6.17-r1 (26 Aug 2006)
776    
777     26 Aug 2006; Christian Heim <phreak@gentoo.org>
778     +hardened-sources-2.6.17-r1.ebuild:
779     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
780     grsecurity patch.
781 phreak 1.110
782     *hardened-sources-2.6.17 (17 Aug 2006)
783    
784     17 Aug 2006; Christian Heim <phreak@gentoo.org>
785     +hardened-sources-2.6.17.ebuild:
786     Bumping the hardened-sources-2.6 series to 2.6.17, using
787     genpatches-2.6.17-6.base.
788 solar 1.109
789     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
790     - stable on x86 and amd64
791 solar 1.108
792     *hardened-sources-2.6.16-r11 (15 Jul 2006)
793    
794     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
795     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
796     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
797     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
798     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
799     crusty ebuilds
800 johnm 1.107
801     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
802     hardened-sources-2.6.16-r10.ebuild:
803     marking stable on x86 and amd64
804 solar 1.106
805     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
806     - 2.4.32-r6 stable on x86. RSBAC state unknown
807 kang 1.105
808     *hardened-sources-2.4.32-r7 (10 Jul 2006)
809    
810     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
811     +hardened-sources-2.4.32-r7.ebuild:
812     Bump PaX for RSBAC to test-17
813 johnm 1.104
814     *hardened-sources-2.6.16-r9 (03 Jul 2006)
815    
816     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
817     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
818     hardened-sources-2.6.16 bump to latest -base.
819 solar 1.103
820     *hardened-sources-2.4.32-r6 (30 Jun 2006)
821    
822     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
823     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
824     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
825     sysctl controlable resource logging
826 johnm 1.102
827     *hardened-sources-2.6.16-r7 (05 Jun 2006)
828    
829     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
830     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
831     push new 2.6.16 release in preparation for stable
832 solar 1.101
833     22 May 2006; <solar@gentoo.org> :
834     - redigest bug 134002
835 kang 1.100
836     *hardened-sources-2.4.32-r5 (16 May 2006)
837    
838     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
839     +hardened-sources-2.4.32-r5.ebuild:
840     Fixes rsbac common patching (new patch in new -r5 patchset)
841 solar 1.99
842     *hardened-sources-2.4.32-r4 (13 May 2006)
843    
844     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
845     +hardened-sources-2.4.32-r4.ebuild:
846     - security bumps
847 johnm 1.98
848     *hardened-sources-2.6.16-r6 (03 May 2006)
849    
850     03 May 2006; John Mylchreest <johnm@gentoo.org>
851     +hardened-sources-2.6.16-r6.ebuild:
852     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
853 johnm 1.97
854     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
855     hardened-sources-2.6.14-r8.ebuild:
856     fix x86_64 build problem, this will delay the digest issue again for a short
857     while but it will sort itself out
858 johnm 1.96
859     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
860     hardened-sources-2.6.14-r8.ebuild:
861     bump hardened patchset
862 antarus 1.94
863     27 Apr 2006; Alec Warner <antarus@gentoo.org>
864     files/digest-hardened-sources-2.4.32-r2,
865     files/digest-hardened-sources-2.4.32-r3,
866     files/digest-hardened-sources-2.6.14-r8, Manifest:
867     Fixing duff SHA256 digests: Bug # 131293
868 johnm 1.93
869 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
870    
871     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
872     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
873     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
874     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
875     cleanup of old uneccessary sources
876    
877 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
878     fix digest
879 johnm 1.92
880     *hardened-sources-2.6.14-r8 (20 Apr 2006)
881    
882     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
883     +hardened-sources-2.6.14-r8.ebuild:
884     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
885 johnm 1.91
886     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
887     Turning on gpg-signing again, and recomitting
888 johnm 1.90
889     *hardened-sources-2.6.16-r4 (20 Apr 2006)
890    
891     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
892     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
893     +hardened-sources-2.6.16-r4.ebuild:
894     Fix numerous security vulns
895 solar 1.89
896     *hardened-sources-2.4.32-r3 (16 Apr 2006)
897    
898     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
899     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
900     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
901     - security bump for bug #112791. Removed old ebuilds
902 johnm 1.88
903     *hardened-sources-2.6.16-r3 (15 Apr 2006)
904    
905     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
906     +hardened-sources-2.6.16-r3.ebuild:
907     Removing silly localversion which I missed
908 johnm 1.87
909     *hardened-sources-2.6.14-r7 (14 Apr 2006)
910    
911     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
912     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
913     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
914 johnm 1.86
915     *hardened-sources-2.6.16-r2 (13 Apr 2006)
916    
917     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
918     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
919     +hardened-sources-2.6.16-r2.ebuild:
920     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
921     labels, dropping USERGROUP define fixes, since these were merged mainstream.
922 johnm 1.85
923     *hardened-sources-2.6.16-r1 (11 Apr 2006)
924    
925     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
926     +hardened-sources-2.6.16-r1.ebuild:
927     Bumping to include ppc build fix and 2.6.16.3
928 tsunam 1.84
929     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
930     hardened-sources-2.6.14-r6.ebuild:
931     Stable on x86; bug #127718
932 johnm 1.83
933     *hardened-sources-2.6.16 (31 Mar 2006)
934    
935     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
936     +hardened-sources-2.6.16.ebuild:
937     Bumping to new version of grsec, and kernel base. New squashfs. Based on
938     2.6.16.1
939 cryos 1.82
940     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
941     hardened-sources-2.6.14-r6.ebuild:
942     Stable on amd64, bug 127718.
943 nixnut 1.81
944     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
945     Stable on ppc. Bug #127718
946 johnm 1.80
947     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
948     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
949     -hardened-sources-2.6.14-r4.ebuild:
950     Cleanup.
951 johnm 1.79
952     *hardened-sources-2.6.14-r6 (15 Mar 2006)
953    
954     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
955     +hardened-sources-2.6.14-r6.ebuild:
956     Fixes grsec policy recreation bug and adds a
957     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
958 solar 1.78
959     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
960     - stable on x86
961 hansmi 1.77
962     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
963     hardened-sources-2.6.14-r5.ebuild:
964     Stable on ppc.
965 johnm 1.76
966     *hardened-sources-2.6.14-r5 (01 Feb 2006)
967    
968     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
969     +hardened-sources-2.6.14-r5.ebuild:
970     fixing every known exploit
971 solar 1.75
972     *hardened-sources-2.4.32-r2 (26 Jan 2006)
973    
974     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
975     +hardened-sources-2.4.32-r2.ebuild:
976     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
977 solar 1.74
978     *hardened-sources-2.6.14-r4 (12 Jan 2006)
979    
980     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
981     - version bump for new genpatches which fix up a few sec holes
982 solar 1.73
983     *hardened-sources-2.4.32-r1 (05 Jan 2006)
984    
985     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
986     - revision bump to add misc vital linux kernel security patches.
987 johnm 1.72
988     *hardened-sources-2.6.14-r3 (30 Dec 2005)
989    
990     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
991     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
992     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
993 johnm 1.71
994     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
995     hardened-sources-2.6.14-r2.ebuild:
996     making x86 & amd64 stable following testing.
997 johnm 1.70
998     *hardened-sources-2.6.14-r2 (27 Dec 2005)
999    
1000     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1001     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1002     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1003     network hooks.
1004 johnm 1.69
1005     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1006     hardened-sources-2.6.14-r1.ebuild:
1007     bumping to stable early for sec fix on x86 & amd64
1008 johnm 1.68
1009     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1010    
1011     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1012     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1013     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1014 solar 1.67
1015     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1016     - stable on x86 security bug #114227 CAN-2005-3257
1017 kang 1.66
1018     *hardened-sources-2.4.32 (19 Nov 2005)
1019    
1020     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1021     +hardened-sources-2.4.32.ebuild:
1022     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1023     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1024     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1025     rsbac >> /etc/portage/package.use)
1026 johnm 1.65
1027     *hardened-sources-2.6.14 (14 Nov 2005)
1028    
1029     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1030     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1031     Bumping 2.6 series to 2.6.14.2
1032 johnm 1.64
1033     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1034    
1035     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1036     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1037     +hardened-sources-2.6.13-r2.ebuild:
1038     Fixes minor build error in ppc.
1039 johnm 1.63
1040     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1041    
1042     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1043     +hardened-sources-2.6.13-r1.ebuild:
1044     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1045     2.6.13.4, fixes some major amd64 stability problems.
1046 johnm 1.62
1047     *hardened-sources-2.6.13 (16 Sep 2005)
1048    
1049     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1050     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1051     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1052     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1053     users should test this thoroughly.
1054 solar 1.61
1055     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1056     - stable on x86
1057 johnm 1.60
1058     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1059    
1060     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1061     +hardened-sources-2.6.11-r15.ebuild:
1062     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1063     grsec redefining curr_ip struct.
1064 solar 1.59
1065     *hardened-sources-2.4.31 (20 Jun 2005)
1066    
1067     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1068     initial import of 2.4.31 tree
1069 johnm 1.58
1070     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1071    
1072     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1073     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1074     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1075     naming scheme to abide by genpatches
1076 johnm 1.57
1077     *hardened-sources-2.6.11-r13 (18 May 2005)
1078    
1079     18 May 2005; John Mylchreest <johnm@gentoo.org>
1080     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1081     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1082     target. sorry about that. Fixes bug #93022
1083 johnm 1.56
1084     *hardened-sources-2.6.11-r12 (17 May 2005)
1085    
1086     17 May 2005; John Mylchreest <johnm@gentoo.org>
1087     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1088     +hardened-sources-2.6.11-r12.ebuild:
1089     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1090     merges in genpatches-base
1091 johnm 1.55
1092     *hardened-sources-2.6.11-r12 (17 May 2005)
1093    
1094     17 May 2005; John Mylchreest <johnm@gentoo.org>
1095     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1096     +hardened-sources-2.6.11-r12.ebuild:
1097     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1098     merges in genpatches-base
1099 solar 1.54
1100     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1101     -files/2.4.27-cmdline-race.patch,
1102     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1103     -files/2.4.28-grsec-binfmt_a.out.patch,
1104     -files/2.4.28-grsec-cmdline-race.patch,
1105     -files/2.4.28-selinux-binfmt_a.out.patch,
1106     -files/2.4.28-selinux-cmdline-race.patch,
1107     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1108     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1109     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1110     cleanup..
1111 solar 1.53
1112     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1113    
1114     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1115     - disable aout by default
1116 solar 1.52
1117     *hardened-sources-2.4.30 (18 Apr 2005)
1118    
1119     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1120     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1121     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1122     use
1123 tocharian 1.50
1124 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1125    
1126     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1127     +hardened-sources-2.4.29.ebuild:
1128     New hardened-patches-2.4-29.0 patchball.
1129     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1130    
1131     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1132    
1133     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1134     +hardened-sources-2.4.28-r5.ebuild:
1135     Added a fix for a PaX vulnerability.
1136    
1137     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1138 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1139     Stable on x86
1140 solar 1.49
1141     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1142     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1143     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1144     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1145     - fixed/added RDEPEND= in all kernel-2 ebuilds
1146 tocharian 1.48
1147     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1148    
1149     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1150     +hardened-sources-2.4.28-r4.ebuild:
1151     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1152     backport of neighbour hash updates.
1153 tocharian 1.47
1154     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1155     hardened-sources-2.4.28-r3.ebuild:
1156     Stable on x86
1157 tseng 1.46
1158     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1159    
1160     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1161     +hardened-sources-2.6.10-r3.ebuild:
1162     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1163     in 2005.0
1164 tocharian 1.45
1165     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1166     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1167     hardened-sources-2.4.28-r2.ebuild:
1168     Mark stable on x86
1169 tocharian 1.44
1170     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1171    
1172     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1173     +hardened-sources-2.4.28-r3.ebuild:
1174     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1175 tocharian 1.43
1176     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1177     hardened-sources-2.4.28.ebuild:
1178     Mark stable on x86.
1179 tocharian 1.42
1180     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1181    
1182     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1183     +hardened-sources-2.4.28-r2.ebuild:
1184     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1185     Mazinger for grsecurity patches as well.
1186 plasmaroo 1.41
1187     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1188    
1189     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1190     Security bump. Thank tocharian for rolling a new patchset...
1191 solar 1.40
1192     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1193     +files/2.4.28-grsec-cmdline-race.patch,
1194     +files/2.4.28-selinux-binfmt_a.out.patch,
1195     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1196     - Round up remaining security patches that appear to be missing in 2.4.28. -
1197     PaX standalone updated to current. hgpv=28.1
1198 solar 1.39
1199     *hardened-sources-2.4.28 (28 Nov 2004)
1200    
1201     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1202     security bump. Thank tocharian for rolling a new patchset
1203 scox 1.31
1204 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1205    
1206     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1207     +hardened-sources-2.4.27-r3.ebuild:
1208     Applies the new 2.4-27.2 patchball which updates
1209     GRSecurity to the 2.0.1 version.
1210    
1211 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1212    
1213     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1214     +hardened-sources-2.4.27-r2.ebuild:
1215     Version bump.
1216     This version uses the new 2.4-27.1 patchball which updates
1217     both the SELinux PaX hooks patch and the SELinux headers.
1218    
1219 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1220    
1221     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1222     +hardened-sources-2.4.27-r1.ebuild,
1223     -hardened-sources-2.4.27.ebuild,
1224     +files/2.4.27-cmdline-race.patch:
1225     Version bump, fix for cmdline race. See bug #59905.
1226    
1227     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1228    
1229     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1230     +hardened-sources-2.4.26-r6.ebuild,
1231     -hardened-sources-2.4.26-r5.ebuild,
1232     -hardened-sources-2.4.26-r4.ebuild,
1233     +files/2.4.26-cmdline-race.patch:
1234     Version bump, fix for cmdline race. See bug #59905.
1235    
1236 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1237    
1238     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1239     +hardened-sources-2.4.27.ebuild,
1240     +files/2.4.27-CAN-2004-0394.patch:
1241     Ported the patchball to the 2.4.27 kernel version.
1242    
1243 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1244    
1245     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1246     +hardened-sources-2.4.26-r5.ebuild:
1247 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1248 scox 1.34 It adds the following features:
1249     - Squashfs
1250     - Ebtables
1251     - Netdev random (core+drivers)
1252     - Watchdog Timer (WDT) fix.
1253    
1254 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1255    
1256     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1257     +hardened-sources-2.4.26-r4.ebuild,
1258     +files/2.4.26-CAN-2004-0415.patch,
1259     -hardened-sources-2.4.26-3:
1260     Version bump, fix for CAN 0415, see bug #59378.
1261    
1262 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1263    
1264     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1265     +hardened-sources-2.4.26-r3.ebuild,
1266     +files/2.4.26-CAN-2004-0497.patch,
1267     -hardened-sources-2.4.26-r2.ebuild:
1268     Version bump, fixed CAN 0497, see bug #56171.
1269    
1270 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1271    
1272     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1273 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1274 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1275     +files/2.4.26-CAN-2004-0535.patch,
1276     -hardened-sources-2.4.26-r1.ebuild:
1277     Fixes for both CAN 0495 and 0535, see bug #54976
1278 pvdabeel 1.27
1279 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1280     hardened-sources-2.4.26-r1.ebuild:
1281     QA - fix use invocation
1282 scox 1.28
1283     *hardened-sources-2.4.26-r1 (22 June 2004)
1284    
1285     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1286     +hardened-sources-2.4.26-r1.ebuild,
1287     +files/2.4.26-CAN-2004-0394.patch,
1288     +files/2.4.26-signal-race.patch,
1289     -hardened-sources-2.4.26.ebuild,
1290     -hardened-sources-2.4.24-r3.ebuild:
1291     Version bump for the CAN-2004-0394 issue and bug #53804
1292     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1293    
1294    
1295 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1296     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1297     Masked hardened-sources-2.4.26.ebuild broken for ppc
1298    
1299     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1300     hardened-sources-2.4.24-r3.ebuild:
1301     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1302 plasmaroo 1.25
1303 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1304    
1305     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1306     +hardened-sources-2.4.26.ebuild:
1307     Updated hardened-sources for the 2.4.26 kernel
1308     Removed broken components, updated almost everything.
1309    
1310 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1311    
1312     17 Apr 2004; <plasmaroo@gentoo.org>
1313     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1314     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1315     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1316     +hardened-sources-2.4.24-r3.ebuild:
1317     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1318     vulnerabilities. Old revisions removed.
1319 plasmaroo 1.24
1320     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1321    
1322     15 Apr 2004; <plasmaroo@gentoo.org>
1323     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1324     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1325     Version bump for the CAN-2004-0109 issue; bug #47881.
1326 aliz 1.23
1327     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1328     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1329     Add eutils to inherit.
1330 plasmaroo 1.22
1331     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1332    
1333     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1334     files/hardened-sources-2.4.24.munmap.patch:
1335     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1336 scox 1.19
1337 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1338 scox 1.26
1339 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1340     hardened-sources-2.4.24.ebuild:
1341     Version bump, updated most of the components.
1342     This release includes the following:
1343    
1344     - Hardened security
1345     - Netfilter patch-o-matic 20031219
1346     - FreeSWAN 2.04 & x509 1.4.8
1347     - EVMS 2.2.2
1348     - XFS 1.3.1
1349     - cryptoloop jari
1350     - grsecurity 2.0-rc4
1351     - SELinux
1352     - PaX 200402060000
1353     - PaX Obscurity 200308302223
1354     - Others...
1355    
1356     Neither -ck nor systrace are included anymore.
1357    
1358 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1359    
1360     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1361     hardened-sources-2.4.22-r2.ebuild:
1362 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1363 scox 1.19
1364     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1365 iggy 1.17
1366     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1367 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1368 iggy 1.16
1369     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1370 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1371     Version bump for the 'do_brk' vulnerability.
1372 iggy 1.15
1373     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1374     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1375     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1376     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1377 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1378 frogger 1.14
1379     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1380     hardened-sources-2.4.22.ebuild:
1381 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1382     components. These are no longer handled in the kernel
1383     so this code was not necessary.
1384 frogger 1.13
1385     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1386     New 2.4.22 based hardened-sources thanks to
1387     Phil West <p.west@computer.org>.
1388    
1389     These sources include:
1390 plasmaroo 1.18 - New SELinux API
1391     - Updated CK-base
1392     - Updated GRSec
1393     - Systrace
1394     - SuperFreeS/WAN 1.99.8
1395     - Propolice kernel build support
1396     - EVMS
1397     - Other various security related patches
1398 frogger 1.11
1399 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1400    
1401     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1402     Updated hardened-sources based on the 2.4.21 Linux kernel.
1403     This includes updates to most major components such as:
1404 plasmaroo 1.18 - ck-base-0306300059
1405     - selinux-2.4-2003071106
1406     - grsecurity-2.0-rc1
1407     - Updated IPTables patch-o-matic
1408     - Updated SuperFreeS/WAN
1409    
1410 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1411     updated patch set ready for the 2.4.21 based kernel.
1412    
1413 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1414     Initial import of hardened-sources-2.4.20-r4. This revision
1415     includes only a few changes, but one of these is an important
1416     security fix. It is recommended all users of hardened-sources
1417     upgrade to this release.
1418 plasmaroo 1.18
1419 frogger 1.11 - ioperm bug fix
1420     - fixed compilation failure when building without GRSec
1421 plasmaroo 1.18
1422 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1423     due to time constraints, but is planned for inclusion in the near
1424     future.
1425 msterret 1.10
1426     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1427    
1428     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1429     hardened-sources-2.4.20-r3.ebuild:
1430 plasmaroo 1.18 Add Header...
1431 frogger 1.9
1432     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1433     hardened-sources-2.4.20-r3.ebuild:
1434     Removed warnings from ebuild. This kernel should be safe to
1435     use at this point.
1436 frogger 1.8
1437     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1438    
1439     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1440     hardened-sources-2.4.20-r3.ebuild:
1441     New revision. Includes the following changes over -r2:
1442 plasmaroo 1.18
1443 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1444     - Super FreeS/WAN 1.99.7rc2
1445     - PaX for the LSM/SELinux branch
1446     - GRSecurity 2.0-pre4 (role based access control)
1447     - Systrace 1.3
1448     - EXT3 fixes
1449     - EVMS 2.0.1
1450     - GCC 3.1+ compile optimizations
1451     - ProPolice kernel build support
1452     - Hashing table security fixes
1453 frogger 1.3
1454     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1455 frogger 1.7
1456     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1457     Initial import of hardened-sources-r2. This new
1458     ebuild includes many new performance and security
1459     related patches. As in -r1, it will patch in
1460     LSM/SELinux if "selinux" is in USE, otherwise it
1461     will patch in GRSecurity. The following patches
1462     are included in this revision:
1463 plasmaroo 1.18
1464 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1465     (pulled from the base CK patch)
1466     - ptrace exploit patch for the LSM kernel
1467     (the GRSec patch already fixes this)
1468     - LSM 2.4-2003040709
1469     - SELinux 2.4-2003040709
1470     - Systrace v1.2
1471     - IPTables patch-o-matic base patches - 20030107
1472     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1473     - Super FreeS/WAN 1.99.6.1
1474     - GRSecurity 1.9.9g
1475     - MPPE
1476     - EXT3 data journal fix
1477     - CIPE 1.5.4
1478 frogger 1.6
1479     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1480     hardened-sources-2.4.20-r1.ebuild, manifest:
1481 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1482 frogger 1.5
1483     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1484     hardened-sources-2.4.20-r1.ebuild:
1485     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1486     is patched in instead. Ptrace patches for selinux have also been added. In
1487     either case, systrace support will be patched in as well.
1488 frogger 1.3
1489     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1490     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1491 plasmaroo 1.18 Revision bump for new sources.
1492 frogger 1.4
1493 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1494 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1495 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1496 method 1.1
1497 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1498    
1499 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1500     hardened-sources-2.4.20.ebuild:
1501 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20