/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.260 - (hide annotations) (download)
Mon Nov 24 01:35:38 2008 UTC (6 years, 4 months ago) by gengor
Branch: MAIN
Changes since 1.259: +7 -1 lines
Add 2.6.27-r2
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.260 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.259 2008/11/19 10:04:30 gengor Exp $
4    
5     *hardened-sources-2.6.27-r2 (24 Nov 2008)
6    
7     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.27-r2.ebuild:
9     Bump to Linux 2.6.27.7 and latest grsecurity patch.
10 gengor 1.259
11     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
12     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
13     Remove old versions.
14 gengor 1.258
15     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
16     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
17     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
18 nixnut 1.257
19     16 Nov 2008; nixnut <nixnut@gentoo.org>
20     hardened-sources-2.6.25-r10.ebuild:
21     Stable on ppc
22 gengor 1.256
23     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
24     hardened-sources-2.6.25-r10.ebuild:
25     Stable amd64/x86.
26 gengor 1.255
27     *hardened-sources-2.6.26-r6 (12 Nov 2008)
28    
29     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
30     +hardened-sources-2.6.26-r6.ebuild:
31     Bump to Linux 2.6.26.8 and fix security bug #245650.
32 gengor 1.254
33     *hardened-sources-2.6.25-r10 (12 Nov 2008)
34    
35     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
36     +hardened-sources-2.6.25-r10.ebuild:
37     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
38 gengor 1.253
39     *hardened-sources-2.6.27-r1 (09 Nov 2008)
40    
41     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
42     +hardened-sources-2.6.27-r1.ebuild:
43     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
44 gengor 1.252
45     *hardened-sources-2.6.27 (04 Nov 2008)
46    
47     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
48     +hardened-sources-2.6.27.ebuild:
49     Initial 2.6.27 release.
50 gengor 1.251
51     *hardened-sources-2.6.26-r5 (03 Nov 2008)
52    
53     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
54     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
55     +hardened-sources-2.6.26-r5.ebuild:
56     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
57     Clean out some old versions.
58 nixnut 1.250
59     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
60     Stable on ppc
61 gengor 1.249
62     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
63     hardened-sources-2.6.25-r9.ebuild:
64     Stable on amd64/x86.
65 gengor 1.248
66     *hardened-sources-2.6.25-r9 (26 Oct 2008)
67    
68     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
69     +hardened-sources-2.6.25-r9.ebuild:
70     Update to Linux 2.6.25.19
71 nixnut 1.247
72     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
73     Stable on ppc
74 gengor 1.246
75     *hardened-sources-2.6.26-r4 (14 Oct 2008)
76    
77     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
78     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
79     Update to latest grsecurity patch, fixing building of non-modular kernels.
80 gengor 1.245
81     *hardened-sources-2.6.26-r3 (12 Oct 2008)
82    
83     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
84     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
85     +hardened-sources-2.6.26-r3.ebuild:
86     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
87     2.6.26-r1: Removed.
88     2.6.25-r8: Stable amd64/x86.
89 gengor 1.244
90     *hardened-sources-2.6.25-r8 (09 Oct 2008)
91    
92     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
93     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
94     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
95     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
96 nixnut 1.243
97     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
98     Stable on ppc
99 gengor 1.242
100     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
101     hardened-sources-2.6.25-r7.ebuild:
102     Stable amd64/x86.
103 gengor 1.241
104     *hardened-sources-2.6.26-r2 (13 Sep 2008)
105    
106     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
107     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
108     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
109     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
110 gengor 1.240
111     *hardened-sources-2.6.25-r7 (13 Sep 2008)
112    
113     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
114     +hardened-sources-2.6.25-r7.ebuild:
115     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
116 gengor 1.239
117     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
118     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
119     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
120     hardened-sources-2.6.26-r1.ebuild:
121     Update DESCRIPTION and HGPV_URI.
122 gengor 1.238
123     *hardened-sources-2.6.25-r6 (09 Sep 2008)
124    
125     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
126     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
127     2.6.25-r6: Update to Linux 2.6.25.17.
128     2.6.24-r3: Removed.
129 gengor 1.237
130     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
131     hardened-sources-2.6.25-r5.ebuild:
132     Stable on amd64/x86
133 gengor 1.236
134     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
135     Update my email address.
136 nixnut 1.235
137     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
138     stable on ppc
139 battousai 1.234
140     *hardened-sources-2.6.26-r1 (23 Aug 2008)
141     *hardened-sources-2.6.25-r5 (23 Aug 2008)
142    
143     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
144     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
145     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
146     +hardened-sources-2.6.26-r1.ebuild:
147     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
148     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
149     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
150     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
151     (gengor).
152 solar 1.233
153     *hardened-sources-2.6.26 (18 Aug 2008)
154     *hardened-sources-2.6.25-r4 (18 Aug 2008)
155    
156     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
157     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
158     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
159     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
160     2.6.25-r2: Removed.
161 tove 1.232
162     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
163     Remove phreak from metadata.xml (#96398)
164 solar 1.231
165     *hardened-sources-2.6.25-r3 (31 Jul 2008)
166    
167     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
168     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
169     +hardened-sources-2.6.25-r3.ebuild:
170     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
171     fixes, including security bug #231750.
172 nixnut 1.230
173     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
174     Stable on ppc
175 solar 1.229
176     *hardened-sources-2.6.25-r2 (05 Jul 2008)
177    
178     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
179     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
180     +hardened-sources-2.6.25-r2.ebuild:
181     2.6.23-r4: Stable x86/amd64
182     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
183     2.6.23-r{11,12}: Removed due to multiple vulns.
184     (gengor & kerframil)
185 nixnut 1.228
186     04 Jul 2008; nixnut <nixnut@gentoo.org>
187     hardened-sources-2.6.23-r13.ebuild:
188     Stable on ppc
189 solar 1.227
190     *hardened-sources-2.6.25-r1 (30 Jun 2008)
191    
192     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
193     +hardened-sources-2.6.25-r1.ebuild:
194     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
195     grsecurity release. 2.6.23-r13: x86/amd64 stable
196 solar 1.226
197     *hardened-sources-2.6.25 (17 Jun 2008)
198     *hardened-sources-2.6.24-r3 (17 Jun 2008)
199     *hardened-sources-2.6.23-r13 (17 Jun 2008)
200    
201     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
202     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
203     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
204     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
205     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
206     2.6.25: Initial 2.6.25 release.
207 solar 1.225
208     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
209     - fasttrack to stable x86/amd64
210 swegener 1.224
211     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
212     Fix broken digest for linux-2.6.24.tar.bz2.
213 solar 1.223
214     *hardened-sources-2.6.24-r2 (11 May 2008)
215     *hardened-sources-2.6.23-r12 (11 May 2008)
216    
217     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
218     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
219     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
220     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
221     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
222     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
223     security bugs 219901, 220691, 220975, 220979, 221123. New
224     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
225     should be removed as far as I'm concerned, everything else remove due to
226     vulnerable to numerous security bugs or brokeness.
227 nixnut 1.222
228     10 May 2008; nixnut <nixnut@gentoo.org>
229     hardened-sources-2.6.23-r11.ebuild:
230     Stable on ppc
231 solar 1.221
232     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
233     - -r11 stable on x86/amd64
234 solar 1.220
235     *hardened-sources-2.6.23-r11 (01 May 2008)
236    
237     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
238     - version bump to fix ulgy linux bugs
239 phreak 1.219
240     *hardened-sources-2.6.24-r1 (30 Apr 2008)
241    
242     30 Apr 2008; Christian Heim <phreak@gentoo.org>
243     +hardened-sources-2.6.24-r1.ebuild:
244     Revision bump (thanks to Kerin and Gordon, again), pulling
245     genpatches-2.6.24-7, solving #219089. Additionally contains further security
246     fixes plus some minor updates.
247 phreak 1.218
248     *hardened-sources-2.6.23-r10 (30 Apr 2008)
249    
250     30 Apr 2008; Christian Heim <phreak@gentoo.org>
251     +hardened-sources-2.6.23-r10.ebuild:
252     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
253     Additional contains "various other fixes".
254 phreak 1.217
255     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
256     Update the longdescription in metadata, thanks to Gordon Malm.
257 nixnut 1.216
258     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
259     Stable on ppc wrt bug #213255
260 solar 1.215
261     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
262     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
263     - stable on x86/amd64 per request. Removed obsolete ebuilds
264 phreak 1.214
265     *hardened-sources-2.6.24 (07 Apr 2008)
266    
267     07 Apr 2008; Christian Heim <phreak@gentoo.org>
268     +hardened-sources-2.6.24.ebuild:
269     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
270     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
271     for the many contributions and their continued effort in #216612) based on
272     2.6.24 and genpatches-2.6.24-5.
273    
274     The current ebuild/patchset contains these things:
275     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
276     * Introduces bespoke server and workstation oriented security levels
277     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
278 phreak 1.213
279     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
280     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
281     maintaining it).
282 phreak 1.212
283     24 Mar 2008; Christian Heim <phreak@gentoo.org>
284     hardened-sources-2.4.35-r2.ebuild:
285     Fixing SRC_URI for 2.4.35-r2.
286 phreak 1.211
287     *hardened-sources-2.6.23-r9 (22 Mar 2008)
288    
289     22 Mar 2008; Christian Heim <phreak@gentoo.org>
290     +hardened-sources-2.6.23-r9.ebuild:
291     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
292     * Change the default GIDs for some grsecurity options
293     * Revamp the Hardened [Gentoo] security level and make it the default level
294     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
295     * Fix a recursive lock -- call to capable() within ptrace_attach()
296     * Fix bug that allows audit and iscsi operations to be controlled via netlink
297 solar 1.210
298     *hardened-sources-2.6.23-r8 (27 Feb 2008)
299    
300     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
301     - version bump from Kerin Millar bug 210026
302 solar 1.209
303     17 Feb 2008; <solar@gentoo.org> metadata.xml,
304     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
305     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
306     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
307     - stable on x86 and remove old ebuilds
308 solar 1.207
309     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
310 solar 1.208 - stable on amd64 per request of amd64 lead
311 solar 1.206
312     *hardened-sources-2.6.23-r7 (11 Feb 2008)
313    
314     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
315     - version bump from kerin.millar
316     Changes:
317    
318     * Bump to genpatches-base-2.6.23-9
319     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
320     * Disables COMPAT_VDSO in x86/defconfig
321     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
322 phreak 1.205
323     25 Jan 2008; Christian Heim <phreak@gentoo.org>
324     -hardened-sources-2.6.22-r8.ebuild:
325     Cleaning up old versions.
326 phreak 1.204
327     *hardened-sources-2.6.23-r6 (25 Jan 2008)
328    
329     25 Jan 2008; Christian Heim <phreak@gentoo.org>
330     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
331     Revision bump, pulling in the latest genpatches.
332 phreak 1.203
333     *hardened-sources-2.6.23-r5 (24 Dec 2007)
334    
335     24 Dec 2007; Christian Heim <phreak@gentoo.org>
336     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
337     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
338     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
339     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
340 phreak 1.202
341     24 Dec 2007; Christian Heim <phreak@gentoo.org>
342     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
343     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
344     -hardened-sources-2.6.23-r3.ebuild:
345     Cleaning out some unused, old versions.
346 phreak 1.201
347     24 Dec 2007; Christian Heim <phreak@gentoo.org>
348     hardened-sources-2.6.23-r4.ebuild:
349     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
350     in the tree for long, but there isn't much of a difference between this and
351     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
352 phreak 1.200
353     *hardened-sources-2.6.23-r4 (23 Dec 2007)
354    
355     23 Dec 2007; Christian Heim <phreak@gentoo.org>
356     +hardened-sources-2.6.23-r4.ebuild:
357     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
358 phreak 1.199
359     *hardened-sources-2.6.23-r3 (04 Dec 2007)
360    
361     04 Dec 2007; Christian Heim <phreak@gentoo.org>
362     +hardened-sources-2.6.23-r3.ebuild:
363     Revision bump, pulling in 2.6.23.9.
364 phreak 1.198
365     *hardened-sources-2.6.23-r2 (25 Nov 2007)
366    
367     25 Nov 2007; Christian Heim <phreak@gentoo.org>
368     +hardened-sources-2.6.23-r2.ebuild:
369     Updated patchset, thanks to solar.
370 phreak 1.197
371     *hardened-sources-2.6.23-r1 (31 Oct 2007)
372    
373     31 Oct 2007; Christian Heim <phreak@gentoo.org>
374     +hardened-sources-2.6.23-r1.ebuild:
375     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
376 solar 1.196
377     29 Oct 2007; <solar@gentoo.org> metadata.xml:
378     - update metadata.xml
379 phreak 1.195
380     25 Oct 2007; Christian Heim <phreak@gentoo.org>
381     hardened-sources-2.6.22-r8.ebuild:
382     Marking 2.6.22-r8 stable on amd64 and x86.
383 phreak 1.194
384     21 Oct 2007; Christian Heim <phreak@gentoo.org>
385     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
386     -hardened-sources-2.6.21-r4.ebuild:
387     Removing old ebuilds.
388 phreak 1.193
389     *hardened-sources-2.4.35-r2 (21 Oct 2007)
390    
391     21 Oct 2007; Christian Heim <phreak@gentoo.org>
392     +hardened-sources-2.4.35-r2.ebuild:
393     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
394     patches.
395 phreak 1.192
396     *hardened-sources-2.6.22-r8 (21 Oct 2007)
397    
398     21 Oct 2007; Christian Heim <phreak@gentoo.org>
399     +hardened-sources-2.6.22-r8.ebuild:
400     Yet another new patch, hopefully fixing the remaining issues we had w/
401     2.6.22. Candidate for stabling.
402 phreak 1.191
403     *hardened-sources-2.6.23 (13 Oct 2007)
404    
405     13 Oct 2007; Christian Heim <phreak@gentoo.org>
406     +hardened-sources-2.6.23.ebuild:
407     Initial hardened-sources-2.6.23. If people still have problems w/ bug
408     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
409 phreak 1.190
410     11 Oct 2007; Christian Heim <phreak@gentoo.org>
411     hardened-sources-2.6.20-r10.ebuild:
412     Pulling in yet another new genpatches version, fixing the PWC bug for real.
413 phreak 1.189
414     04 Oct 2007; Christian Heim <phreak@gentoo.org>
415     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
416     Removing old versions.
417 phreak 1.188
418     *hardened-sources-2.6.22-r7 (01 Oct 2007)
419    
420     01 Oct 2007; Christian Heim <phreak@gentoo.org>
421     +hardened-sources-2.6.22-r7.ebuild:
422     Revision bump, pulling in a newer patch. Should fix #194276.
423 phreak 1.187
424     30 Sep 2007; Christian Heim <phreak@gentoo.org>
425     hardened-sources-2.6.20-r10.ebuild:
426     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
427     Mike Doty).
428 phreak 1.186
429     *hardened-sources-2.6.22-r6 (26 Sep 2007)
430    
431     26 Sep 2007; Christian Heim <phreak@gentoo.org>
432     +hardened-sources-2.6.22-r6.ebuild:
433     Revision bump, grabbing up till Linux 2.6.22.9.
434 phreak 1.185
435     24 Sep 2007; Christian Heim <phreak@gentoo.org>
436     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
437     Cleaning up further.
438 phreak 1.184
439     *hardened-sources-2.6.20-r10 (24 Sep 2007)
440    
441     24 Sep 2007; Christian Heim <phreak@gentoo.org>
442     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
443     +hardened-sources-2.6.20-r10.ebuild:
444     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
445     revisions.
446 phreak 1.183
447     *hardened-sources-2.6.22-r5 (22 Sep 2007)
448    
449     22 Sep 2007; Christian Heim <phreak@gentoo.org>
450     +hardened-sources-2.6.22-r5.ebuild:
451     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
452 phreak 1.182
453     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
454     Removing johnm from metadata.xml (see #186467 for reference).
455 phreak 1.181
456     *hardened-sources-2.6.22-r4 (17 Sep 2007)
457    
458     17 Sep 2007; Christian Heim <phreak@gentoo.org>
459     +hardened-sources-2.6.22-r4.ebuild:
460     Revision bump, hopefully fixing all those weird PAX failures.
461 phreak 1.180
462     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
463     Updating the metadata.xml.
464 phreak 1.179
465     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
466     Removing tocharian from metadata due to his retirement (see #71718 for
467     reference).
468 phreak 1.178
469     *hardened-sources-2.6.20-r9 (30 Aug 2007)
470    
471     30 Aug 2007; Christian Heim <phreak@gentoo.org>
472     +hardened-sources-2.6.20-r9.ebuild:
473     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
474 phreak 1.177
475     29 Aug 2007; Christian Heim <phreak@gentoo.org>
476     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
477     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
478     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
479     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
480     -hardened-sources-2.6.22-r2.ebuild:
481     Removing some redundant versions.
482 phreak 1.176
483     *hardened-sources-2.4.35-r1 (29 Aug 2007)
484    
485     29 Aug 2007; Christian Heim <phreak@gentoo.org>
486     +hardened-sources-2.4.35-r1.ebuild:
487     Revision bump, new grsecurity patch.
488 phreak 1.175
489     *hardened-sources-2.6.20-r8 (26 Aug 2007)
490    
491     26 Aug 2007; Christian Heim <phreak@gentoo.org>
492     +hardened-sources-2.6.20-r8.ebuild:
493     Revision bump for Linux 2.6.20.17.
494 phreak 1.174
495     *hardened-sources-2.6.22-r3 (22 Aug 2007)
496    
497     22 Aug 2007; Christian Heim <phreak@gentoo.org>
498     +hardened-sources-2.6.22-r3.ebuild:
499     Revision bump for Linux 2.6.22.4.
500 phreak 1.173
501     16 Aug 2007; Christian Heim <phreak@gentoo.org>
502     hardened-sources-2.6.22-r2.ebuild:
503     Updated patchset, to fix the alignment against 2.6.22.3.
504 phreak 1.172
505     *hardened-sources-2.6.22-r2 (16 Aug 2007)
506    
507     16 Aug 2007; Christian Heim <phreak@gentoo.org>
508     +hardened-sources-2.6.22-r2.ebuild:
509     Revision bump for Linux 2.6.22.3.
510 phreak 1.171
511     *hardened-sources-2.4.35 (16 Aug 2007)
512    
513     16 Aug 2007; Christian Heim <phreak@gentoo.org>
514     +hardened-sources-2.4.35.ebuild:
515     Version bump, initial version for Linux 2.4.35.
516 phreak 1.170
517     *hardened-sources-2.6.21-r4 (16 Aug 2007)
518    
519     16 Aug 2007; Christian Heim <phreak@gentoo.org>
520     +hardened-sources-2.6.21-r4.ebuild:
521     Revision bump for Linux 2.6.21.6.
522 phreak 1.169
523     *hardened-sources-2.6.20-r7 (16 Aug 2007)
524    
525     16 Aug 2007; Christian Heim <phreak@gentoo.org>
526     +hardened-sources-2.6.20-r7.ebuild:
527     Revision bump for Linux 2.6.20.16.
528 phreak 1.168
529     *hardened-sources-2.6.22-r1 (13 Aug 2007)
530    
531     13 Aug 2007; Christian Heim <phreak@gentoo.org>
532     +hardened-sources-2.6.22-r1.ebuild:
533     Yet another revision bump.
534 phreak 1.167
535     *hardened-sources-2.6.22 (10 Aug 2007)
536    
537     10 Aug 2007; Christian Heim <phreak@gentoo.org>
538     +hardened-sources-2.6.22.ebuild:
539     Initial release for 2.6.22. If you are using hardened-sources on a desktop
540     machine (P4 or newer), be aware you might need to disable
541     CONFIG_PAX_PAGEEXEC.
542 phreak 1.166
543     04 Aug 2007; Christian Heim <phreak@gentoo.org>
544     hardened-sources-2.6.20-r6.ebuild:
545     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
546     2.6.20.15.
547 phreak 1.165
548     10 Jul 2007; Christian Heim <phreak@gentoo.org>
549     hardened-sources-2.6.20-r5.ebuild:
550     Marking hardened-sources-2.6.20-r5 stable on ppc.
551 phreak 1.164
552     10 Jul 2007; Christian Heim <phreak@gentoo.org>
553     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
554     Cleanup.
555 phreak 1.163
556     *hardened-sources-2.6.20-r6 (08 Jul 2007)
557    
558     08 Jul 2007; Christian Heim <phreak@gentoo.org>
559     +hardened-sources-2.6.20-r6.ebuild:
560     Revision bump, grabbing yet another stable release.
561 phreak 1.162
562     17 Jun 2007; Christian Heim <phreak@gentoo.org>
563     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
564     -hardened-sources-2.6.21-r2.ebuild:
565     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
566     alpha stable KEYWORD by mistake.
567 phreak 1.161
568     17 Jun 2007; Christian Heim <phreak@gentoo.org>
569     hardened-sources-2.6.20-r5.ebuild:
570     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
571     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
572 phreak 1.160
573     *hardened-sources-2.6.21-r3 (12 Jun 2007)
574    
575     12 Jun 2007; Christian Heim <phreak@gentoo.org>
576     +hardened-sources-2.6.21-r3.ebuild:
577     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
578     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
579     love.
580 phreak 1.159
581     *hardened-sources-2.6.20-r5 (11 Jun 2007)
582    
583     11 Jun 2007; Christian Heim <phreak@gentoo.org>
584     +hardened-sources-2.6.20-r5.ebuild:
585     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
586     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
587     love.
588 pappy 1.158
589     *hardened-sources-2.4.34.5 (11 Jun 2007)
590    
591     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
592     +hardened-sources-2.4.34.5.ebuild:
593     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
594 phreak 1.157
595     30 May 2007; Christian Heim <phreak@gentoo.org>
596     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
597     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
598     stale ebuild(s).
599 phreak 1.156
600     30 May 2007; Christian Heim <phreak@gentoo.org>
601     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
602     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
603     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
604     Doing some cleanups, remove stale ebuilds.
605 phreak 1.155
606     26 May 2007; Christian Heim <phreak@gentoo.org>
607     hardened-sources-2.6.21-r2.ebuild:
608     Fixing the grsecurity patch, had one '};' too much.
609 phreak 1.154
610     *hardened-sources-2.6.21-r2 (26 May 2007)
611    
612     26 May 2007; Christian Heim <phreak@gentoo.org>
613     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
614     +hardened-sources-2.6.21-r2.ebuild:
615     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
616     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
617 phreak 1.153
618     *hardened-sources-2.6.20-r4 (26 May 2007)
619    
620     26 May 2007; Christian Heim <phreak@gentoo.org>
621     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
622     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
623 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
624 phreak 1.152
625     15 May 2007; Christian Heim <phreak@gentoo.org>
626     hardened-sources-2.6.20-r3.ebuild:
627     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
628     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
629     grsecurity patch fail in that exact same hunk.
630 phreak 1.151
631     *hardened-sources-2.6.20-r3 (15 May 2007)
632    
633     15 May 2007; Christian Heim <phreak@gentoo.org>
634     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
635     Revision bump, incorporating Linux 2.6.20.11.
636    
637     *hardened-sources-2.6.21-r1 (11 May 2007)
638    
639     11 May 2007; Christian Heim <phreak@gentoo.org>
640     +hardened-sources-2.6.21-r1.ebuild:
641     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
642     mentioned in #177234.
643 kevquinn 1.150
644     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
645     files/digest-hardened-sources-2.6.21, Manifest:
646     Fix Manifest/digest for linux-2.6.21.tar.bz2
647 phreak 1.149
648     06 May 2007; Christian Heim <phreak@gentoo.org>
649     hardened-sources-2.6.21.ebuild:
650     Bumping the hardened-patches version, needed for the fix for #177234.
651 phreak 1.148
652     *hardened-sources-2.6.21 (02 May 2007)
653    
654     02 May 2007; Christian Heim <phreak@gentoo.org>
655     +hardened-sources-2.6.21.ebuild:
656     Version bump, Linux 2.6.21-hardened.
657 phreak 1.147
658     29 Apr 2007; Christian Heim <phreak@gentoo.org>
659     hardened-sources-2.6.20-r2.ebuild:
660     Adding ~ia64 on Ned's request.
661 phreak 1.146
662     29 Apr 2007; Christian Heim <phreak@gentoo.org>
663     hardened-sources-2.6.20-r2.ebuild:
664     Fixing the included grsecurity patch, wasn't alligning due to the Index:
665     header line(s).
666 phreak 1.145
667     29 Apr 2007; Christian Heim <phreak@gentoo.org>
668     hardened-sources-2.6.20-r2.ebuild:
669     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
670 armin76 1.144
671     *hardened-sources-2.6.20-r2 (10 Apr 2007)
672    
673     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
674     +hardened-sources-2.6.20-r2.ebuild:
675     Version bump, on behalf of phreak
676 phreak 1.143
677     *hardened-sources-2.6.20-r1 (04 Apr 2007)
678    
679     04 Apr 2007; Christian Heim <phreak@gentoo.org>
680     +hardened-sources-2.6.20-r1.ebuild:
681     Revision bump, grabbing a newer grsecurity snapshot.
682 phreak 1.142
683     *hardened-sources-2.6.20 (25 Mar 2007)
684    
685     25 Mar 2007; Christian Heim <phreak@gentoo.org>
686     +hardened-sources-2.6.20.ebuild:
687     Finally a hardened-sources version for 2.6.20; many people have been waiting
688     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
689     testbox.
690 chainsaw 1.141
691     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
692     hardened-sources-2.6.18-r6.ebuild:
693     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
694 phreak 1.140
695     *hardened-sources-2.6.18-r6 (16 Mar 2007)
696    
697     16 Mar 2007; Christian Heim <phreak@gentoo.org>
698     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
699     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
700     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
701     supposed to be.
702 phreak 1.139
703     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
704     Fixing the Manifest, the previous one was broken (as in still had the
705     deleted ebuild in it).
706 phreak 1.138
707     06 Mar 2007; Christian Heim <phreak@gentoo.org>
708     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
709     +hardened-sources-2.6.18-r5.ebuild:
710     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
711     Linux 2.6.18.8. Also cleaning up the older version.
712    
713     *hardened-sources-2.6.18-r5 (06 Mar 2007)
714    
715     06 Mar 2007; Christian Heim <phreak@gentoo.org>
716     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
717     +hardened-sources-2.6.18-r5.ebuild:
718     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
719     Linux 2.6.18.8. Also cleaning up the older version.
720 phreak 1.137
721     24 Feb 2007; Christian Heim <phreak@gentoo.org>
722     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
723     -hardened-sources-2.6.19-r5.ebuild:
724     Removing some of the old version, that didn't work.
725 phreak 1.136
726     *hardened-sources-2.6.19-r6 (12 Feb 2007)
727    
728     12 Feb 2007; Christian Heim <phreak@gentoo.org>
729     +hardened-sources-2.6.19-r6.ebuild:
730     Revision bump, including a new grsec version fixing #166235.
731 pappy 1.134
732     *hardened-sources-2.4.34 (24 Jan 2007)
733    
734     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
735 pappy 1.135 Manifest:
736     updating Manifest with checksums of new tarball and ebuild
737    
738     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
739 pappy 1.134 +hardened-sources-2.4.34.ebuild:
740     I added new hardened sources 2.4 update, this is a critical path
741     security bugfix - all users of h-s are strongly advised
742     to update their existing hardened sources to this version.
743     It contains a fix for a kernel vulnerability that is pertaining
744     to the PaX changes to virtual memory management, possibly leading
745     to a local kernel exploit ... see grsecurity.net forums and homepage
746 phreak 1.133
747     23 Jan 2007; Christian Heim <phreak@gentoo.org>
748     files/digest-hardened-sources-2.6.19-r5, Manifest:
749     Fixing the patch-tarball digest.
750 phreak 1.132
751     *hardened-sources-2.6.19-r5 (23 Jan 2007)
752    
753     23 Jan 2007; Christian Heim <phreak@gentoo.org>
754     +hardened-sources-2.6.19-r5.ebuild:
755     Revision bump, closing the recently discovered PaX expand_stack()
756     vulnerability.
757 phreak 1.131
758     *hardened-sources-2.6.19-r4 (14 Jan 2007)
759    
760     14 Jan 2007; Christian Heim <phreak@gentoo.org>
761     +hardened-sources-2.6.19-r4.ebuild:
762     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
763     dropping the randomized PID feature.
764 opfer 1.130
765     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
766     hardened-sources-2.4.33.4.ebuild:
767     stable x86, bug #161171
768 phreak 1.129
769     *hardened-sources-2.6.19-r3 (27 Dec 2006)
770    
771     27 Dec 2006; Christian Heim <phreak@gentoo.org>
772     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
773     Revision bump for bug #157186 and #158786.
774 phreak 1.128
775     *hardened-sources-2.6.18-r4 (27 Dec 2006)
776    
777     27 Dec 2006; Christian Heim <phreak@gentoo.org>
778     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
779     Revision bump for bug #157186.
780 phreak 1.127
781     *hardened-sources-2.6.19-r2 (23 Dec 2006)
782    
783     23 Dec 2006; Christian Heim <phreak@gentoo.org>
784     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
785     Revision bump to pull in genpatches-2.6.19-3 for #157186.
786 phreak 1.126
787     17 Dec 2006; Christian Heim <phreak@gentoo.org>
788     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
789     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
790     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
791     hardened-sources-2.6.19-r1.ebuild:
792     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
793     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
794 pappy 1.125
795     *hardened-sources-2.4.33.4 (17 Dec 2006)
796    
797     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
798     +hardened-sources-2.4.33.4.ebuild:
799     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
800     and quilting
801 phreak 1.124
802     *hardened-sources-2.6.19-r1 (14 Dec 2006)
803    
804     14 Dec 2006; Christian Heim <phreak@gentoo.org>
805     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
806     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
807     for reporting).
808 phreak 1.123
809     *hardened-sources-2.6.19 (13 Dec 2006)
810    
811     13 Dec 2006; Christian Heim <phreak@gentoo.org>
812     +hardened-sources-2.6.19.ebuild:
813     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
814     Brad for providing that prompt update.
815 phreak 1.122
816     *hardened-sources-2.6.18-r3 (13 Dec 2006)
817    
818     13 Dec 2006; Christian Heim <phreak@gentoo.org>
819     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
820     +hardened-sources-2.6.18-r3.ebuild:
821     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
822     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
823 phreak 1.121
824     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
825     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
826 nixnut 1.120
827     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
828     Stable on ppc wrt bug 157356
829 opfer 1.119
830     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
831     hardened-sources-2.6.18.ebuild:
832     stable x86, bug #157356
833 phreak 1.118
834     *hardened-sources-2.6.18-r2 (06 Dec 2006)
835    
836     06 Dec 2006; Christian Heim <phreak@gentoo.org>
837     +hardened-sources-2.6.18-r2.ebuild:
838     Revision bump, including 2.6.18.5 (via genpatches) and
839     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
840     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
841     redesign.
842 phreak 1.117
843     06 Dec 2006; Christian Heim <phreak@gentoo.org>
844     hardened-sources-2.6.18.ebuild:
845     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
846     of Mike Doty).
847 phreak 1.116
848     *hardened-sources-2.6.18-r1 (23 Nov 2006)
849    
850     23 Nov 2006; Christian Heim <phreak@gentoo.org>
851     +hardened-sources-2.6.18-r1.ebuild:
852     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
853 phreak 1.115
854     *hardened-sources-2.6.18 (11 Nov 2006)
855    
856     11 Nov 2006; Christian Heim <phreak@gentoo.org>
857     +hardened-sources-2.6.18.ebuild:
858     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
859 solar 1.114
860     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
861     - mark amd64 stable also. bug #151877
862 solar 1.113
863     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
864     - mark 2.6.17-r1 stable
865 phreak 1.112
866     27 Aug 2006; Christian Heim <phreak@gentoo.org>
867     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
868     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
869 phreak 1.111
870     *hardened-sources-2.6.17-r1 (26 Aug 2006)
871    
872     26 Aug 2006; Christian Heim <phreak@gentoo.org>
873     +hardened-sources-2.6.17-r1.ebuild:
874     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
875     grsecurity patch.
876 phreak 1.110
877     *hardened-sources-2.6.17 (17 Aug 2006)
878    
879     17 Aug 2006; Christian Heim <phreak@gentoo.org>
880     +hardened-sources-2.6.17.ebuild:
881     Bumping the hardened-sources-2.6 series to 2.6.17, using
882     genpatches-2.6.17-6.base.
883 solar 1.109
884     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
885     - stable on x86 and amd64
886 solar 1.108
887     *hardened-sources-2.6.16-r11 (15 Jul 2006)
888    
889     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
890     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
891     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
892     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
893     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
894     crusty ebuilds
895 johnm 1.107
896     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
897     hardened-sources-2.6.16-r10.ebuild:
898     marking stable on x86 and amd64
899 solar 1.106
900     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
901     - 2.4.32-r6 stable on x86. RSBAC state unknown
902 kang 1.105
903     *hardened-sources-2.4.32-r7 (10 Jul 2006)
904    
905     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
906     +hardened-sources-2.4.32-r7.ebuild:
907     Bump PaX for RSBAC to test-17
908 johnm 1.104
909     *hardened-sources-2.6.16-r9 (03 Jul 2006)
910    
911     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
912     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
913     hardened-sources-2.6.16 bump to latest -base.
914 solar 1.103
915     *hardened-sources-2.4.32-r6 (30 Jun 2006)
916    
917     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
918     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
919     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
920     sysctl controlable resource logging
921 johnm 1.102
922     *hardened-sources-2.6.16-r7 (05 Jun 2006)
923    
924     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
925     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
926     push new 2.6.16 release in preparation for stable
927 solar 1.101
928     22 May 2006; <solar@gentoo.org> :
929     - redigest bug 134002
930 kang 1.100
931     *hardened-sources-2.4.32-r5 (16 May 2006)
932    
933     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
934     +hardened-sources-2.4.32-r5.ebuild:
935     Fixes rsbac common patching (new patch in new -r5 patchset)
936 solar 1.99
937     *hardened-sources-2.4.32-r4 (13 May 2006)
938    
939     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
940     +hardened-sources-2.4.32-r4.ebuild:
941     - security bumps
942 johnm 1.98
943     *hardened-sources-2.6.16-r6 (03 May 2006)
944    
945     03 May 2006; John Mylchreest <johnm@gentoo.org>
946     +hardened-sources-2.6.16-r6.ebuild:
947     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
948 johnm 1.97
949     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
950     hardened-sources-2.6.14-r8.ebuild:
951     fix x86_64 build problem, this will delay the digest issue again for a short
952     while but it will sort itself out
953 johnm 1.96
954     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
955     hardened-sources-2.6.14-r8.ebuild:
956     bump hardened patchset
957 antarus 1.94
958     27 Apr 2006; Alec Warner <antarus@gentoo.org>
959     files/digest-hardened-sources-2.4.32-r2,
960     files/digest-hardened-sources-2.4.32-r3,
961     files/digest-hardened-sources-2.6.14-r8, Manifest:
962     Fixing duff SHA256 digests: Bug # 131293
963 johnm 1.93
964 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
965    
966     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
967     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
968     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
969     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
970     cleanup of old uneccessary sources
971    
972 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
973     fix digest
974 johnm 1.92
975     *hardened-sources-2.6.14-r8 (20 Apr 2006)
976    
977     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
978     +hardened-sources-2.6.14-r8.ebuild:
979     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
980 johnm 1.91
981     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
982     Turning on gpg-signing again, and recomitting
983 johnm 1.90
984     *hardened-sources-2.6.16-r4 (20 Apr 2006)
985    
986     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
987     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
988     +hardened-sources-2.6.16-r4.ebuild:
989     Fix numerous security vulns
990 solar 1.89
991     *hardened-sources-2.4.32-r3 (16 Apr 2006)
992    
993     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
994     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
995     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
996     - security bump for bug #112791. Removed old ebuilds
997 johnm 1.88
998     *hardened-sources-2.6.16-r3 (15 Apr 2006)
999    
1000     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1001     +hardened-sources-2.6.16-r3.ebuild:
1002     Removing silly localversion which I missed
1003 johnm 1.87
1004     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1005    
1006     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1007     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1008     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1009 johnm 1.86
1010     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1011    
1012     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1013     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1014     +hardened-sources-2.6.16-r2.ebuild:
1015     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1016     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1017 johnm 1.85
1018     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1019    
1020     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1021     +hardened-sources-2.6.16-r1.ebuild:
1022     Bumping to include ppc build fix and 2.6.16.3
1023 tsunam 1.84
1024     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1025     hardened-sources-2.6.14-r6.ebuild:
1026     Stable on x86; bug #127718
1027 johnm 1.83
1028     *hardened-sources-2.6.16 (31 Mar 2006)
1029    
1030     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1031     +hardened-sources-2.6.16.ebuild:
1032     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1033     2.6.16.1
1034 cryos 1.82
1035     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1036     hardened-sources-2.6.14-r6.ebuild:
1037     Stable on amd64, bug 127718.
1038 nixnut 1.81
1039     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1040     Stable on ppc. Bug #127718
1041 johnm 1.80
1042     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1043     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1044     -hardened-sources-2.6.14-r4.ebuild:
1045     Cleanup.
1046 johnm 1.79
1047     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1048    
1049     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1050     +hardened-sources-2.6.14-r6.ebuild:
1051     Fixes grsec policy recreation bug and adds a
1052     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1053 solar 1.78
1054     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1055     - stable on x86
1056 hansmi 1.77
1057     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1058     hardened-sources-2.6.14-r5.ebuild:
1059     Stable on ppc.
1060 johnm 1.76
1061     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1062    
1063     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1064     +hardened-sources-2.6.14-r5.ebuild:
1065     fixing every known exploit
1066 solar 1.75
1067     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1068    
1069     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1070     +hardened-sources-2.4.32-r2.ebuild:
1071     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1072 solar 1.74
1073     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1074    
1075     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1076     - version bump for new genpatches which fix up a few sec holes
1077 solar 1.73
1078     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1079    
1080     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1081     - revision bump to add misc vital linux kernel security patches.
1082 johnm 1.72
1083     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1084    
1085     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1086     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1087     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1088 johnm 1.71
1089     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1090     hardened-sources-2.6.14-r2.ebuild:
1091     making x86 & amd64 stable following testing.
1092 johnm 1.70
1093     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1094    
1095     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1096     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1097     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1098     network hooks.
1099 johnm 1.69
1100     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1101     hardened-sources-2.6.14-r1.ebuild:
1102     bumping to stable early for sec fix on x86 & amd64
1103 johnm 1.68
1104     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1105    
1106     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1107     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1108     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1109 solar 1.67
1110     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1111     - stable on x86 security bug #114227 CAN-2005-3257
1112 kang 1.66
1113     *hardened-sources-2.4.32 (19 Nov 2005)
1114    
1115     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1116     +hardened-sources-2.4.32.ebuild:
1117     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1118     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1119     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1120     rsbac >> /etc/portage/package.use)
1121 johnm 1.65
1122     *hardened-sources-2.6.14 (14 Nov 2005)
1123    
1124     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1125     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1126     Bumping 2.6 series to 2.6.14.2
1127 johnm 1.64
1128     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1129    
1130     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1131     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1132     +hardened-sources-2.6.13-r2.ebuild:
1133     Fixes minor build error in ppc.
1134 johnm 1.63
1135     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1136    
1137     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1138     +hardened-sources-2.6.13-r1.ebuild:
1139     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1140     2.6.13.4, fixes some major amd64 stability problems.
1141 johnm 1.62
1142     *hardened-sources-2.6.13 (16 Sep 2005)
1143    
1144     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1145     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1146     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1147     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1148     users should test this thoroughly.
1149 solar 1.61
1150     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1151     - stable on x86
1152 johnm 1.60
1153     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1154    
1155     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1156     +hardened-sources-2.6.11-r15.ebuild:
1157     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1158     grsec redefining curr_ip struct.
1159 solar 1.59
1160     *hardened-sources-2.4.31 (20 Jun 2005)
1161    
1162     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1163     initial import of 2.4.31 tree
1164 johnm 1.58
1165     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1166    
1167     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1168     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1169     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1170     naming scheme to abide by genpatches
1171 johnm 1.57
1172     *hardened-sources-2.6.11-r13 (18 May 2005)
1173    
1174     18 May 2005; John Mylchreest <johnm@gentoo.org>
1175     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1176     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1177     target. sorry about that. Fixes bug #93022
1178 johnm 1.56
1179     *hardened-sources-2.6.11-r12 (17 May 2005)
1180    
1181     17 May 2005; John Mylchreest <johnm@gentoo.org>
1182     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1183     +hardened-sources-2.6.11-r12.ebuild:
1184     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1185     merges in genpatches-base
1186 johnm 1.55
1187     *hardened-sources-2.6.11-r12 (17 May 2005)
1188    
1189     17 May 2005; John Mylchreest <johnm@gentoo.org>
1190     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1191     +hardened-sources-2.6.11-r12.ebuild:
1192     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1193     merges in genpatches-base
1194 solar 1.54
1195     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1196     -files/2.4.27-cmdline-race.patch,
1197     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1198     -files/2.4.28-grsec-binfmt_a.out.patch,
1199     -files/2.4.28-grsec-cmdline-race.patch,
1200     -files/2.4.28-selinux-binfmt_a.out.patch,
1201     -files/2.4.28-selinux-cmdline-race.patch,
1202     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1203     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1204     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1205     cleanup..
1206 solar 1.53
1207     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1208    
1209     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1210     - disable aout by default
1211 solar 1.52
1212     *hardened-sources-2.4.30 (18 Apr 2005)
1213    
1214     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1215     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1216     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1217     use
1218 tocharian 1.50
1219 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1220    
1221     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1222     +hardened-sources-2.4.29.ebuild:
1223     New hardened-patches-2.4-29.0 patchball.
1224     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1225    
1226     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1227    
1228     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1229     +hardened-sources-2.4.28-r5.ebuild:
1230     Added a fix for a PaX vulnerability.
1231    
1232     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1233 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1234     Stable on x86
1235 solar 1.49
1236     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1237     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1238     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1239     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1240     - fixed/added RDEPEND= in all kernel-2 ebuilds
1241 tocharian 1.48
1242     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1243    
1244     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1245     +hardened-sources-2.4.28-r4.ebuild:
1246     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1247     backport of neighbour hash updates.
1248 tocharian 1.47
1249     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1250     hardened-sources-2.4.28-r3.ebuild:
1251     Stable on x86
1252 tseng 1.46
1253     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1254    
1255     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1256     +hardened-sources-2.6.10-r3.ebuild:
1257     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1258     in 2005.0
1259 tocharian 1.45
1260     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1261     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1262     hardened-sources-2.4.28-r2.ebuild:
1263     Mark stable on x86
1264 tocharian 1.44
1265     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1266    
1267     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1268     +hardened-sources-2.4.28-r3.ebuild:
1269     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1270 tocharian 1.43
1271     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1272     hardened-sources-2.4.28.ebuild:
1273     Mark stable on x86.
1274 tocharian 1.42
1275     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1276    
1277     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1278     +hardened-sources-2.4.28-r2.ebuild:
1279     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1280     Mazinger for grsecurity patches as well.
1281 plasmaroo 1.41
1282     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1283    
1284     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1285     Security bump. Thank tocharian for rolling a new patchset...
1286 solar 1.40
1287     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1288     +files/2.4.28-grsec-cmdline-race.patch,
1289     +files/2.4.28-selinux-binfmt_a.out.patch,
1290     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1291     - Round up remaining security patches that appear to be missing in 2.4.28. -
1292     PaX standalone updated to current. hgpv=28.1
1293 solar 1.39
1294     *hardened-sources-2.4.28 (28 Nov 2004)
1295    
1296     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1297     security bump. Thank tocharian for rolling a new patchset
1298 scox 1.31
1299 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1300    
1301     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1302     +hardened-sources-2.4.27-r3.ebuild:
1303     Applies the new 2.4-27.2 patchball which updates
1304     GRSecurity to the 2.0.1 version.
1305    
1306 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1307    
1308     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1309     +hardened-sources-2.4.27-r2.ebuild:
1310     Version bump.
1311     This version uses the new 2.4-27.1 patchball which updates
1312     both the SELinux PaX hooks patch and the SELinux headers.
1313    
1314 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1315    
1316     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1317     +hardened-sources-2.4.27-r1.ebuild,
1318     -hardened-sources-2.4.27.ebuild,
1319     +files/2.4.27-cmdline-race.patch:
1320     Version bump, fix for cmdline race. See bug #59905.
1321    
1322     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1323    
1324     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1325     +hardened-sources-2.4.26-r6.ebuild,
1326     -hardened-sources-2.4.26-r5.ebuild,
1327     -hardened-sources-2.4.26-r4.ebuild,
1328     +files/2.4.26-cmdline-race.patch:
1329     Version bump, fix for cmdline race. See bug #59905.
1330    
1331 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1332    
1333     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1334     +hardened-sources-2.4.27.ebuild,
1335     +files/2.4.27-CAN-2004-0394.patch:
1336     Ported the patchball to the 2.4.27 kernel version.
1337    
1338 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1339    
1340     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1341     +hardened-sources-2.4.26-r5.ebuild:
1342 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1343 scox 1.34 It adds the following features:
1344     - Squashfs
1345     - Ebtables
1346     - Netdev random (core+drivers)
1347     - Watchdog Timer (WDT) fix.
1348    
1349 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1350    
1351     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1352     +hardened-sources-2.4.26-r4.ebuild,
1353     +files/2.4.26-CAN-2004-0415.patch,
1354     -hardened-sources-2.4.26-3:
1355     Version bump, fix for CAN 0415, see bug #59378.
1356    
1357 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1358    
1359     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1360     +hardened-sources-2.4.26-r3.ebuild,
1361     +files/2.4.26-CAN-2004-0497.patch,
1362     -hardened-sources-2.4.26-r2.ebuild:
1363     Version bump, fixed CAN 0497, see bug #56171.
1364    
1365 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1366    
1367     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1368 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1369 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1370     +files/2.4.26-CAN-2004-0535.patch,
1371     -hardened-sources-2.4.26-r1.ebuild:
1372     Fixes for both CAN 0495 and 0535, see bug #54976
1373 pvdabeel 1.27
1374 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1375     hardened-sources-2.4.26-r1.ebuild:
1376     QA - fix use invocation
1377 scox 1.28
1378     *hardened-sources-2.4.26-r1 (22 June 2004)
1379    
1380     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1381     +hardened-sources-2.4.26-r1.ebuild,
1382     +files/2.4.26-CAN-2004-0394.patch,
1383     +files/2.4.26-signal-race.patch,
1384     -hardened-sources-2.4.26.ebuild,
1385     -hardened-sources-2.4.24-r3.ebuild:
1386     Version bump for the CAN-2004-0394 issue and bug #53804
1387     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1388    
1389    
1390 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1391     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1392     Masked hardened-sources-2.4.26.ebuild broken for ppc
1393    
1394     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1395     hardened-sources-2.4.24-r3.ebuild:
1396     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1397 plasmaroo 1.25
1398 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1399    
1400     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1401     +hardened-sources-2.4.26.ebuild:
1402     Updated hardened-sources for the 2.4.26 kernel
1403     Removed broken components, updated almost everything.
1404    
1405 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1406    
1407     17 Apr 2004; <plasmaroo@gentoo.org>
1408     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1409     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1410     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1411     +hardened-sources-2.4.24-r3.ebuild:
1412     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1413     vulnerabilities. Old revisions removed.
1414 plasmaroo 1.24
1415     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1416    
1417     15 Apr 2004; <plasmaroo@gentoo.org>
1418     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1419     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1420     Version bump for the CAN-2004-0109 issue; bug #47881.
1421 aliz 1.23
1422     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1423     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1424     Add eutils to inherit.
1425 plasmaroo 1.22
1426     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1427    
1428     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1429     files/hardened-sources-2.4.24.munmap.patch:
1430     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1431 scox 1.19
1432 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1433 scox 1.26
1434 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1435     hardened-sources-2.4.24.ebuild:
1436     Version bump, updated most of the components.
1437     This release includes the following:
1438    
1439     - Hardened security
1440     - Netfilter patch-o-matic 20031219
1441     - FreeSWAN 2.04 & x509 1.4.8
1442     - EVMS 2.2.2
1443     - XFS 1.3.1
1444     - cryptoloop jari
1445     - grsecurity 2.0-rc4
1446     - SELinux
1447     - PaX 200402060000
1448     - PaX Obscurity 200308302223
1449     - Others...
1450    
1451     Neither -ck nor systrace are included anymore.
1452    
1453 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1454    
1455     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1456     hardened-sources-2.4.22-r2.ebuild:
1457 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1458 scox 1.19
1459     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1460 iggy 1.17
1461     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1462 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1463 iggy 1.16
1464     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1465 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1466     Version bump for the 'do_brk' vulnerability.
1467 iggy 1.15
1468     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1469     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1470     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1471     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1472 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1473 frogger 1.14
1474     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1475     hardened-sources-2.4.22.ebuild:
1476 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1477     components. These are no longer handled in the kernel
1478     so this code was not necessary.
1479 frogger 1.13
1480     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1481     New 2.4.22 based hardened-sources thanks to
1482     Phil West <p.west@computer.org>.
1483    
1484     These sources include:
1485 plasmaroo 1.18 - New SELinux API
1486     - Updated CK-base
1487     - Updated GRSec
1488     - Systrace
1489     - SuperFreeS/WAN 1.99.8
1490     - Propolice kernel build support
1491     - EVMS
1492     - Other various security related patches
1493 frogger 1.11
1494 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1495    
1496     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1497     Updated hardened-sources based on the 2.4.21 Linux kernel.
1498     This includes updates to most major components such as:
1499 plasmaroo 1.18 - ck-base-0306300059
1500     - selinux-2.4-2003071106
1501     - grsecurity-2.0-rc1
1502     - Updated IPTables patch-o-matic
1503     - Updated SuperFreeS/WAN
1504    
1505 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1506     updated patch set ready for the 2.4.21 based kernel.
1507    
1508 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1509     Initial import of hardened-sources-2.4.20-r4. This revision
1510     includes only a few changes, but one of these is an important
1511     security fix. It is recommended all users of hardened-sources
1512     upgrade to this release.
1513 plasmaroo 1.18
1514 frogger 1.11 - ioperm bug fix
1515     - fixed compilation failure when building without GRSec
1516 plasmaroo 1.18
1517 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1518     due to time constraints, but is planned for inclusion in the near
1519     future.
1520 msterret 1.10
1521     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1522    
1523     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1524     hardened-sources-2.4.20-r3.ebuild:
1525 plasmaroo 1.18 Add Header...
1526 frogger 1.9
1527     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1528     hardened-sources-2.4.20-r3.ebuild:
1529     Removed warnings from ebuild. This kernel should be safe to
1530     use at this point.
1531 frogger 1.8
1532     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1533    
1534     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1535     hardened-sources-2.4.20-r3.ebuild:
1536     New revision. Includes the following changes over -r2:
1537 plasmaroo 1.18
1538 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1539     - Super FreeS/WAN 1.99.7rc2
1540     - PaX for the LSM/SELinux branch
1541     - GRSecurity 2.0-pre4 (role based access control)
1542     - Systrace 1.3
1543     - EXT3 fixes
1544     - EVMS 2.0.1
1545     - GCC 3.1+ compile optimizations
1546     - ProPolice kernel build support
1547     - Hashing table security fixes
1548 frogger 1.3
1549     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1550 frogger 1.7
1551     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1552     Initial import of hardened-sources-r2. This new
1553     ebuild includes many new performance and security
1554     related patches. As in -r1, it will patch in
1555     LSM/SELinux if "selinux" is in USE, otherwise it
1556     will patch in GRSecurity. The following patches
1557     are included in this revision:
1558 plasmaroo 1.18
1559 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1560     (pulled from the base CK patch)
1561     - ptrace exploit patch for the LSM kernel
1562     (the GRSec patch already fixes this)
1563     - LSM 2.4-2003040709
1564     - SELinux 2.4-2003040709
1565     - Systrace v1.2
1566     - IPTables patch-o-matic base patches - 20030107
1567     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1568     - Super FreeS/WAN 1.99.6.1
1569     - GRSecurity 1.9.9g
1570     - MPPE
1571     - EXT3 data journal fix
1572     - CIPE 1.5.4
1573 frogger 1.6
1574     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1575     hardened-sources-2.4.20-r1.ebuild, manifest:
1576 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1577 frogger 1.5
1578     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1579     hardened-sources-2.4.20-r1.ebuild:
1580     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1581     is patched in instead. Ptrace patches for selinux have also been added. In
1582     either case, systrace support will be patched in as well.
1583 frogger 1.3
1584     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1585     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1586 plasmaroo 1.18 Revision bump for new sources.
1587 frogger 1.4
1588 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1589 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1590 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1591 method 1.1
1592 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1593    
1594 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1595     hardened-sources-2.4.20.ebuild:
1596 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20