/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.265 - (hide annotations) (download)
Sun Dec 7 00:13:02 2008 UTC (6 years, 4 months ago) by gengor
Branch: MAIN
Changes since 1.264: +8 -1 lines
Add hardened-sources-2.6.27-r3.
(Portage version: 2.1.4.5)

1 method 1.1 # ChangeLog for sys-kernel/hardened-sources
2 phreak 1.204 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 gengor 1.265 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.264 2008/12/03 05:07:16 gengor Exp $
4    
5     *hardened-sources-2.6.27-r3 (07 Dec 2008)
6    
7     07 Dec 2008; Gordon Malm <gengor@gentoo.org>
8     +hardened-sources-2.6.27-r3.ebuild:
9     Bump to latest genpatches, including Linux 2.6.27.8. Bump grsec/pax patches.
10     Fixes bug #248754, #249729 and #246607.
11 gengor 1.264
12     03 Dec 2008; Gordon Malm <gengor@gentoo.org>
13     -hardened-sources-2.6.25-r9.ebuild, -hardened-sources-2.6.26-r5.ebuild:
14     Remove old versions.
15 gengor 1.262
16     *hardened-sources-2.6.26-r7 (03 Dec 2008)
17     *hardened-sources-2.6.25-r11 (03 Dec 2008)
18    
19 gengor 1.263 03 Dec 2008; Gordon Malm <gengor@gentoo.org>
20     +hardened-sources-2.6.25-r11.ebuild, +hardened-sources-2.6.26-r7.ebuild:
21 gengor 1.262 2.6.25-r11: Fixes bugs 246607, 246710, 247453 and 248754.
22     2.6.26-r7: Fixes bugs 246607, 246710, 246763, 247453 and 248754.
23     Both include many backports from 2.6.27.{6,7} -stable releases.
24 gengor 1.261
25     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
26     -hardened-sources-2.6.27.ebuild, -hardened-sources-2.6.27-r1.ebuild:
27     Remove versions broken on ARCHes != x86/amd64.
28 gengor 1.260
29     *hardened-sources-2.6.27-r2 (24 Nov 2008)
30    
31     24 Nov 2008; Gordon Malm <gengor@gentoo.org>
32     +hardened-sources-2.6.27-r2.ebuild:
33     Bump to Linux 2.6.27.7 and latest grsecurity patch.
34 gengor 1.259
35     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
36     -hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r4.ebuild:
37     Remove old versions.
38 gengor 1.258
39     19 Nov 2008; Gordon Malm <gengor@gentoo.org>
40     hardened-sources-2.6.27.ebuild, hardened-sources-2.6.27-r1.ebuild:
41     Remove all but ~amd64 & ~x86 keywords (broken elsewhere).
42 nixnut 1.257
43     16 Nov 2008; nixnut <nixnut@gentoo.org>
44     hardened-sources-2.6.25-r10.ebuild:
45     Stable on ppc
46 gengor 1.256
47     15 Nov 2008; Gordon Malm <gengor@gentoo.org>
48     hardened-sources-2.6.25-r10.ebuild:
49     Stable amd64/x86.
50 gengor 1.255
51     *hardened-sources-2.6.26-r6 (12 Nov 2008)
52    
53     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
54     +hardened-sources-2.6.26-r6.ebuild:
55     Bump to Linux 2.6.26.8 and fix security bug #245650.
56 gengor 1.254
57     *hardened-sources-2.6.25-r10 (12 Nov 2008)
58    
59     12 Nov 2008; Gordon Malm <gengor@gentoo.org>
60     +hardened-sources-2.6.25-r10.ebuild:
61     Update to Linux 2.6.25.20 and fix bugs #245427, #245650.
62 gengor 1.253
63     *hardened-sources-2.6.27-r1 (09 Nov 2008)
64    
65     09 Nov 2008; Gordon Malm <gengor@gentoo.org>
66     +hardened-sources-2.6.27-r1.ebuild:
67     Bump to stable kernel 2.6.27.5 and latest grsecurity patch.
68 gengor 1.252
69     *hardened-sources-2.6.27 (04 Nov 2008)
70    
71     04 Nov 2008; Gordon Malm <gengor@gentoo.org>
72     +hardened-sources-2.6.27.ebuild:
73     Initial 2.6.27 release.
74 gengor 1.251
75     *hardened-sources-2.6.26-r5 (03 Nov 2008)
76    
77     03 Nov 2008; Gordon Malm <gengor@gentoo.org>
78     -hardened-sources-2.6.25-r7.ebuild, -hardened-sources-2.6.26-r2.ebuild,
79     +hardened-sources-2.6.26-r5.ebuild:
80     2.6.26-r5: Bump to Linux 2.6.26.7, PaX updates.
81     Clean out some old versions.
82 nixnut 1.250
83     02 Nov 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r9.ebuild:
84     Stable on ppc
85 gengor 1.249
86     30 Oct 2008; Gordon Malm <gengor@gentoo.org>
87     hardened-sources-2.6.25-r9.ebuild:
88     Stable on amd64/x86.
89 gengor 1.248
90     *hardened-sources-2.6.25-r9 (26 Oct 2008)
91    
92     26 Oct 2008; Gordon Malm <gengor@gentoo.org>
93     +hardened-sources-2.6.25-r9.ebuild:
94     Update to Linux 2.6.25.19
95 nixnut 1.247
96     15 Oct 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r8.ebuild:
97     Stable on ppc
98 gengor 1.246
99     *hardened-sources-2.6.26-r4 (14 Oct 2008)
100    
101     14 Oct 2008; Gordon Malm <gengor@gentoo.org>
102     -hardened-sources-2.6.26-r3.ebuild, +hardened-sources-2.6.26-r4.ebuild:
103     Update to latest grsecurity patch, fixing building of non-modular kernels.
104 gengor 1.245
105     *hardened-sources-2.6.26-r3 (12 Oct 2008)
106    
107     12 Oct 2008; Gordon Malm <gengor@gentoo.org>
108     hardened-sources-2.6.25-r8.ebuild, -hardened-sources-2.6.26-r1.ebuild,
109     +hardened-sources-2.6.26-r3.ebuild:
110     2.6.26-r3: Update to Linux 2.6.26.6 and latest grsecurity patch.
111     2.6.26-r1: Removed.
112     2.6.25-r8: Stable amd64/x86.
113 gengor 1.244
114     *hardened-sources-2.6.25-r8 (09 Oct 2008)
115    
116     09 Oct 2008; Gordon Malm <gengor@gentoo.org>
117     -hardened-sources-2.6.25-r4.ebuild, -hardened-sources-2.6.25-r5.ebuild,
118     -hardened-sources-2.6.25-r6.ebuild, +hardened-sources-2.6.25-r8.ebuild:
119     Update to genpatches-11 and Linux 2.6.25.18. Remove old versions.
120 nixnut 1.243
121     20 Sep 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r7.ebuild:
122     Stable on ppc
123 gengor 1.242
124     17 Sep 2008; Gordon Malm <gengor@gentoo.org>
125     hardened-sources-2.6.25-r7.ebuild:
126     Stable amd64/x86.
127 gengor 1.241
128     *hardened-sources-2.6.26-r2 (13 Sep 2008)
129    
130     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
131     -hardened-sources-2.6.26.ebuild, +hardened-sources-2.6.26-r2.ebuild:
132     2.6.26-r2: Update to Linux 2.6.26.5, new grsecurity patch adding
133     PAX_REFCOUNT feature, fix bug #237473 (CVE-2008-3525). 2.6.26: Removed.
134 gengor 1.240
135     *hardened-sources-2.6.25-r7 (13 Sep 2008)
136    
137     13 Sep 2008; Gordon Malm <gengor@gentoo.org>
138     +hardened-sources-2.6.25-r7.ebuild:
139     Add 2.6.25-r7, fixing bug #237473 (CVE-2008-3525) and a PaX bug.
140 gengor 1.239
141     10 Sep 2008; Gordon Malm <gengor@gentoo.org>
142     hardened-sources-2.6.25-r4.ebuild, hardened-sources-2.6.25-r5.ebuild,
143     hardened-sources-2.6.25-r6.ebuild, hardened-sources-2.6.26.ebuild,
144     hardened-sources-2.6.26-r1.ebuild:
145     Update DESCRIPTION and HGPV_URI.
146 gengor 1.238
147     *hardened-sources-2.6.25-r6 (09 Sep 2008)
148    
149     09 Sep 2008; Gordon Malm <gengor@gentoo.org>
150     -hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25-r6.ebuild:
151     2.6.25-r6: Update to Linux 2.6.25.17.
152     2.6.24-r3: Removed.
153 gengor 1.237
154     08 Sep 2008; Gordon Malm <gengor@gentoo.org>
155     hardened-sources-2.6.25-r5.ebuild:
156     Stable on amd64/x86
157 gengor 1.236
158     07 Sep 2008; Gordon Malm <gengor@gentoo.org> metadata.xml:
159     Update my email address.
160 nixnut 1.235
161     31 Aug 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.25-r4.ebuild:
162     stable on ppc
163 battousai 1.234
164     *hardened-sources-2.6.26-r1 (23 Aug 2008)
165     *hardened-sources-2.6.25-r5 (23 Aug 2008)
166    
167     23 Aug 2008; Bryan D. Stine <battousai@gentoo.org>
168     -hardened-sources-2.6.23-r13.ebuild, -hardened-sources-2.6.25-r3.ebuild,
169     hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.25-r5.ebuild,
170     +hardened-sources-2.6.26-r1.ebuild:
171     Bump to 2.6.25-r5 for updated patches and upstream .10 kernel, fixing
172     security bug #235221. Bump to 2.6.26-r1 for upstream .3 kernel, also
173     fixing security bug #235221. Marked 2.6.25-r4 stable on amd64 and x86.
174     Removed 2.6.23-r13 and 2.6.25-r3. Commit on behalf of Gordon Malm
175     (gengor).
176 solar 1.233
177     *hardened-sources-2.6.26 (18 Aug 2008)
178     *hardened-sources-2.6.25-r4 (18 Aug 2008)
179    
180     18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
181     +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
182     - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
183     to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
184     2.6.25-r2: Removed.
185 tove 1.232
186     16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
187     Remove phreak from metadata.xml (#96398)
188 solar 1.231
189     *hardened-sources-2.6.25-r3 (31 Jul 2008)
190    
191     31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
192     -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
193     +hardened-sources-2.6.25-r3.ebuild:
194     - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
195     fixes, including security bug #231750.
196 nixnut 1.230
197     28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
198     Stable on ppc
199 solar 1.229
200     *hardened-sources-2.6.25-r2 (05 Jul 2008)
201    
202     05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
203     -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
204     +hardened-sources-2.6.25-r2.ebuild:
205     2.6.23-r4: Stable x86/amd64
206     2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
207     2.6.23-r{11,12}: Removed due to multiple vulns.
208     (gengor & kerframil)
209 nixnut 1.228
210     04 Jul 2008; nixnut <nixnut@gentoo.org>
211     hardened-sources-2.6.23-r13.ebuild:
212     Stable on ppc
213 solar 1.227
214     *hardened-sources-2.6.25-r1 (30 Jun 2008)
215    
216     30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
217     +hardened-sources-2.6.25-r1.ebuild:
218     2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
219     grsecurity release. 2.6.23-r13: x86/amd64 stable
220 solar 1.226
221     *hardened-sources-2.6.25 (17 Jun 2008)
222     *hardened-sources-2.6.24-r3 (17 Jun 2008)
223     *hardened-sources-2.6.23-r13 (17 Jun 2008)
224    
225     17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
226     +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
227     * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
228     #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
229     #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
230     2.6.25: Initial 2.6.25 release.
231 solar 1.225
232     15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
233     - fasttrack to stable x86/amd64
234 swegener 1.224
235     11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
236     Fix broken digest for linux-2.6.24.tar.bz2.
237 solar 1.223
238     *hardened-sources-2.6.24-r2 (11 May 2008)
239     *hardened-sources-2.6.23-r12 (11 May 2008)
240    
241     11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
242     -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
243     +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
244     -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
245     proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
246     220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
247     security bugs 219901, 220691, 220975, 220979, 221123. New
248     genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
249     should be removed as far as I'm concerned, everything else remove due to
250     vulnerable to numerous security bugs or brokeness.
251 nixnut 1.222
252     10 May 2008; nixnut <nixnut@gentoo.org>
253     hardened-sources-2.6.23-r11.ebuild:
254     Stable on ppc
255 solar 1.221
256     05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
257     - -r11 stable on x86/amd64
258 solar 1.220
259     *hardened-sources-2.6.23-r11 (01 May 2008)
260    
261     01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
262     - version bump to fix ulgy linux bugs
263 phreak 1.219
264     *hardened-sources-2.6.24-r1 (30 Apr 2008)
265    
266     30 Apr 2008; Christian Heim <phreak@gentoo.org>
267     +hardened-sources-2.6.24-r1.ebuild:
268     Revision bump (thanks to Kerin and Gordon, again), pulling
269     genpatches-2.6.24-7, solving #219089. Additionally contains further security
270     fixes plus some minor updates.
271 phreak 1.218
272     *hardened-sources-2.6.23-r10 (30 Apr 2008)
273    
274     30 Apr 2008; Christian Heim <phreak@gentoo.org>
275     +hardened-sources-2.6.23-r10.ebuild:
276     Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
277     Additional contains "various other fixes".
278 phreak 1.217
279     09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
280     Update the longdescription in metadata, thanks to Gordon Malm.
281 nixnut 1.216
282     08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
283     Stable on ppc wrt bug #213255
284 solar 1.215
285     07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
286     -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
287     - stable on x86/amd64 per request. Removed obsolete ebuilds
288 phreak 1.214
289     *hardened-sources-2.6.24 (07 Apr 2008)
290    
291     07 Apr 2008; Christian Heim <phreak@gentoo.org>
292     +hardened-sources-2.6.24.ebuild:
293     Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
294     <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
295     for the many contributions and their continued effort in #216612) based on
296     2.6.24 and genpatches-2.6.24-5.
297    
298     The current ebuild/patchset contains these things:
299     * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
300     * Introduces bespoke server and workstation oriented security levels
301     * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
302 phreak 1.213
303     30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
304     Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
305     maintaining it).
306 phreak 1.212
307     24 Mar 2008; Christian Heim <phreak@gentoo.org>
308     hardened-sources-2.4.35-r2.ebuild:
309     Fixing SRC_URI for 2.4.35-r2.
310 phreak 1.211
311     *hardened-sources-2.6.23-r9 (22 Mar 2008)
312    
313     22 Mar 2008; Christian Heim <phreak@gentoo.org>
314     +hardened-sources-2.6.23-r9.ebuild:
315     * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
316     * Change the default GIDs for some grsecurity options
317     * Revamp the Hardened [Gentoo] security level and make it the default level
318     * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
319     * Fix a recursive lock -- call to capable() within ptrace_attach()
320     * Fix bug that allows audit and iscsi operations to be controlled via netlink
321 solar 1.210
322     *hardened-sources-2.6.23-r8 (27 Feb 2008)
323    
324     27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
325     - version bump from Kerin Millar bug 210026
326 solar 1.209
327     17 Feb 2008; <solar@gentoo.org> metadata.xml,
328     -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
329     -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
330     -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
331     - stable on x86 and remove old ebuilds
332 solar 1.207
333     15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
334 solar 1.208 - stable on amd64 per request of amd64 lead
335 solar 1.206
336     *hardened-sources-2.6.23-r7 (11 Feb 2008)
337    
338     11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
339     - version bump from kerin.millar
340     Changes:
341    
342     * Bump to genpatches-base-2.6.23-9
343     * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
344     * Disables COMPAT_VDSO in x86/defconfig
345     * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
346 phreak 1.205
347     25 Jan 2008; Christian Heim <phreak@gentoo.org>
348     -hardened-sources-2.6.22-r8.ebuild:
349     Cleaning up old versions.
350 phreak 1.204
351     *hardened-sources-2.6.23-r6 (25 Jan 2008)
352    
353     25 Jan 2008; Christian Heim <phreak@gentoo.org>
354     -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
355     Revision bump, pulling in the latest genpatches.
356 phreak 1.203
357     *hardened-sources-2.6.23-r5 (24 Dec 2007)
358    
359     24 Dec 2007; Christian Heim <phreak@gentoo.org>
360     hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
361     hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
362     hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
363     Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
364 phreak 1.202
365     24 Dec 2007; Christian Heim <phreak@gentoo.org>
366     -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
367     -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
368     -hardened-sources-2.6.23-r3.ebuild:
369     Cleaning out some unused, old versions.
370 phreak 1.201
371     24 Dec 2007; Christian Heim <phreak@gentoo.org>
372     hardened-sources-2.6.23-r4.ebuild:
373     Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
374     in the tree for long, but there isn't much of a difference between this and
375     -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
376 phreak 1.200
377     *hardened-sources-2.6.23-r4 (23 Dec 2007)
378    
379     23 Dec 2007; Christian Heim <phreak@gentoo.org>
380     +hardened-sources-2.6.23-r4.ebuild:
381     Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
382 phreak 1.199
383     *hardened-sources-2.6.23-r3 (04 Dec 2007)
384    
385     04 Dec 2007; Christian Heim <phreak@gentoo.org>
386     +hardened-sources-2.6.23-r3.ebuild:
387     Revision bump, pulling in 2.6.23.9.
388 phreak 1.198
389     *hardened-sources-2.6.23-r2 (25 Nov 2007)
390    
391     25 Nov 2007; Christian Heim <phreak@gentoo.org>
392     +hardened-sources-2.6.23-r2.ebuild:
393     Updated patchset, thanks to solar.
394 phreak 1.197
395     *hardened-sources-2.6.23-r1 (31 Oct 2007)
396    
397     31 Oct 2007; Christian Heim <phreak@gentoo.org>
398     +hardened-sources-2.6.23-r1.ebuild:
399     Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
400 solar 1.196
401     29 Oct 2007; <solar@gentoo.org> metadata.xml:
402     - update metadata.xml
403 phreak 1.195
404     25 Oct 2007; Christian Heim <phreak@gentoo.org>
405     hardened-sources-2.6.22-r8.ebuild:
406     Marking 2.6.22-r8 stable on amd64 and x86.
407 phreak 1.194
408     21 Oct 2007; Christian Heim <phreak@gentoo.org>
409     -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
410     -hardened-sources-2.6.21-r4.ebuild:
411     Removing old ebuilds.
412 phreak 1.193
413     *hardened-sources-2.4.35-r2 (21 Oct 2007)
414    
415     21 Oct 2007; Christian Heim <phreak@gentoo.org>
416     +hardened-sources-2.4.35-r2.ebuild:
417     Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
418     patches.
419 phreak 1.192
420     *hardened-sources-2.6.22-r8 (21 Oct 2007)
421    
422     21 Oct 2007; Christian Heim <phreak@gentoo.org>
423     +hardened-sources-2.6.22-r8.ebuild:
424     Yet another new patch, hopefully fixing the remaining issues we had w/
425     2.6.22. Candidate for stabling.
426 phreak 1.191
427     *hardened-sources-2.6.23 (13 Oct 2007)
428    
429     13 Oct 2007; Christian Heim <phreak@gentoo.org>
430     +hardened-sources-2.6.23.ebuild:
431     Initial hardened-sources-2.6.23. If people still have problems w/ bug
432     194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
433 phreak 1.190
434     11 Oct 2007; Christian Heim <phreak@gentoo.org>
435     hardened-sources-2.6.20-r10.ebuild:
436     Pulling in yet another new genpatches version, fixing the PWC bug for real.
437 phreak 1.189
438     04 Oct 2007; Christian Heim <phreak@gentoo.org>
439     -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
440     Removing old versions.
441 phreak 1.188
442     *hardened-sources-2.6.22-r7 (01 Oct 2007)
443    
444     01 Oct 2007; Christian Heim <phreak@gentoo.org>
445     +hardened-sources-2.6.22-r7.ebuild:
446     Revision bump, pulling in a newer patch. Should fix #194276.
447 phreak 1.187
448     30 Sep 2007; Christian Heim <phreak@gentoo.org>
449     hardened-sources-2.6.20-r10.ebuild:
450     Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
451     Mike Doty).
452 phreak 1.186
453     *hardened-sources-2.6.22-r6 (26 Sep 2007)
454    
455     26 Sep 2007; Christian Heim <phreak@gentoo.org>
456     +hardened-sources-2.6.22-r6.ebuild:
457     Revision bump, grabbing up till Linux 2.6.22.9.
458 phreak 1.185
459     24 Sep 2007; Christian Heim <phreak@gentoo.org>
460     -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
461     Cleaning up further.
462 phreak 1.184
463     *hardened-sources-2.6.20-r10 (24 Sep 2007)
464    
465     24 Sep 2007; Christian Heim <phreak@gentoo.org>
466     -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
467     +hardened-sources-2.6.20-r10.ebuild:
468     Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
469     revisions.
470 phreak 1.183
471     *hardened-sources-2.6.22-r5 (22 Sep 2007)
472    
473     22 Sep 2007; Christian Heim <phreak@gentoo.org>
474     +hardened-sources-2.6.22-r5.ebuild:
475     Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
476 phreak 1.182
477     17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
478     Removing johnm from metadata.xml (see #186467 for reference).
479 phreak 1.181
480     *hardened-sources-2.6.22-r4 (17 Sep 2007)
481    
482     17 Sep 2007; Christian Heim <phreak@gentoo.org>
483     +hardened-sources-2.6.22-r4.ebuild:
484     Revision bump, hopefully fixing all those weird PAX failures.
485 phreak 1.180
486     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
487     Updating the metadata.xml.
488 phreak 1.179
489     01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
490     Removing tocharian from metadata due to his retirement (see #71718 for
491     reference).
492 phreak 1.178
493     *hardened-sources-2.6.20-r9 (30 Aug 2007)
494    
495     30 Aug 2007; Christian Heim <phreak@gentoo.org>
496     +hardened-sources-2.6.20-r9.ebuild:
497     Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
498 phreak 1.177
499     29 Aug 2007; Christian Heim <phreak@gentoo.org>
500     -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
501     -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
502     -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
503     -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
504     -hardened-sources-2.6.22-r2.ebuild:
505     Removing some redundant versions.
506 phreak 1.176
507     *hardened-sources-2.4.35-r1 (29 Aug 2007)
508    
509     29 Aug 2007; Christian Heim <phreak@gentoo.org>
510     +hardened-sources-2.4.35-r1.ebuild:
511     Revision bump, new grsecurity patch.
512 phreak 1.175
513     *hardened-sources-2.6.20-r8 (26 Aug 2007)
514    
515     26 Aug 2007; Christian Heim <phreak@gentoo.org>
516     +hardened-sources-2.6.20-r8.ebuild:
517     Revision bump for Linux 2.6.20.17.
518 phreak 1.174
519     *hardened-sources-2.6.22-r3 (22 Aug 2007)
520    
521     22 Aug 2007; Christian Heim <phreak@gentoo.org>
522     +hardened-sources-2.6.22-r3.ebuild:
523     Revision bump for Linux 2.6.22.4.
524 phreak 1.173
525     16 Aug 2007; Christian Heim <phreak@gentoo.org>
526     hardened-sources-2.6.22-r2.ebuild:
527     Updated patchset, to fix the alignment against 2.6.22.3.
528 phreak 1.172
529     *hardened-sources-2.6.22-r2 (16 Aug 2007)
530    
531     16 Aug 2007; Christian Heim <phreak@gentoo.org>
532     +hardened-sources-2.6.22-r2.ebuild:
533     Revision bump for Linux 2.6.22.3.
534 phreak 1.171
535     *hardened-sources-2.4.35 (16 Aug 2007)
536    
537     16 Aug 2007; Christian Heim <phreak@gentoo.org>
538     +hardened-sources-2.4.35.ebuild:
539     Version bump, initial version for Linux 2.4.35.
540 phreak 1.170
541     *hardened-sources-2.6.21-r4 (16 Aug 2007)
542    
543     16 Aug 2007; Christian Heim <phreak@gentoo.org>
544     +hardened-sources-2.6.21-r4.ebuild:
545     Revision bump for Linux 2.6.21.6.
546 phreak 1.169
547     *hardened-sources-2.6.20-r7 (16 Aug 2007)
548    
549     16 Aug 2007; Christian Heim <phreak@gentoo.org>
550     +hardened-sources-2.6.20-r7.ebuild:
551     Revision bump for Linux 2.6.20.16.
552 phreak 1.168
553     *hardened-sources-2.6.22-r1 (13 Aug 2007)
554    
555     13 Aug 2007; Christian Heim <phreak@gentoo.org>
556     +hardened-sources-2.6.22-r1.ebuild:
557     Yet another revision bump.
558 phreak 1.167
559     *hardened-sources-2.6.22 (10 Aug 2007)
560    
561     10 Aug 2007; Christian Heim <phreak@gentoo.org>
562     +hardened-sources-2.6.22.ebuild:
563     Initial release for 2.6.22. If you are using hardened-sources on a desktop
564     machine (P4 or newer), be aware you might need to disable
565     CONFIG_PAX_PAGEEXEC.
566 phreak 1.166
567     04 Aug 2007; Christian Heim <phreak@gentoo.org>
568     hardened-sources-2.6.20-r6.ebuild:
569     Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
570     2.6.20.15.
571 phreak 1.165
572     10 Jul 2007; Christian Heim <phreak@gentoo.org>
573     hardened-sources-2.6.20-r5.ebuild:
574     Marking hardened-sources-2.6.20-r5 stable on ppc.
575 phreak 1.164
576     10 Jul 2007; Christian Heim <phreak@gentoo.org>
577     -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
578     Cleanup.
579 phreak 1.163
580     *hardened-sources-2.6.20-r6 (08 Jul 2007)
581    
582     08 Jul 2007; Christian Heim <phreak@gentoo.org>
583     +hardened-sources-2.6.20-r6.ebuild:
584     Revision bump, grabbing yet another stable release.
585 phreak 1.162
586     17 Jun 2007; Christian Heim <phreak@gentoo.org>
587     -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
588     -hardened-sources-2.6.21-r2.ebuild:
589     Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
590     alpha stable KEYWORD by mistake.
591 phreak 1.161
592     17 Jun 2007; Christian Heim <phreak@gentoo.org>
593     hardened-sources-2.6.20-r5.ebuild:
594     Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
595     genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
596 phreak 1.160
597     *hardened-sources-2.6.21-r3 (12 Jun 2007)
598    
599     12 Jun 2007; Christian Heim <phreak@gentoo.org>
600     +hardened-sources-2.6.21-r3.ebuild:
601     Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
602     of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
603     love.
604 phreak 1.159
605     *hardened-sources-2.6.20-r5 (11 Jun 2007)
606    
607     11 Jun 2007; Christian Heim <phreak@gentoo.org>
608     +hardened-sources-2.6.20-r5.ebuild:
609     Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
610     of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
611     love.
612 pappy 1.158
613     *hardened-sources-2.4.34.5 (11 Jun 2007)
614    
615     11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
616     +hardened-sources-2.4.34.5.ebuild:
617     added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
618 phreak 1.157
619     30 May 2007; Christian Heim <phreak@gentoo.org>
620     -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
621     Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
622     stale ebuild(s).
623 phreak 1.156
624     30 May 2007; Christian Heim <phreak@gentoo.org>
625     -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
626     -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
627     -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
628     Doing some cleanups, remove stale ebuilds.
629 phreak 1.155
630     26 May 2007; Christian Heim <phreak@gentoo.org>
631     hardened-sources-2.6.21-r2.ebuild:
632     Fixing the grsecurity patch, had one '};' too much.
633 phreak 1.154
634     *hardened-sources-2.6.21-r2 (26 May 2007)
635    
636     26 May 2007; Christian Heim <phreak@gentoo.org>
637     -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
638     +hardened-sources-2.6.21-r2.ebuild:
639     Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
640     grsecurity patch to 2.1.10-2.6.21.1-200705221918.
641 phreak 1.153
642     *hardened-sources-2.6.20-r4 (26 May 2007)
643    
644     26 May 2007; Christian Heim <phreak@gentoo.org>
645     -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
646     Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
647 phreak 1.154 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
648 phreak 1.152
649     15 May 2007; Christian Heim <phreak@gentoo.org>
650     hardened-sources-2.6.20-r3.ebuild:
651     Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
652     introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
653     grsecurity patch fail in that exact same hunk.
654 phreak 1.151
655     *hardened-sources-2.6.20-r3 (15 May 2007)
656    
657     15 May 2007; Christian Heim <phreak@gentoo.org>
658     +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
659     Revision bump, incorporating Linux 2.6.20.11.
660    
661     *hardened-sources-2.6.21-r1 (11 May 2007)
662    
663     11 May 2007; Christian Heim <phreak@gentoo.org>
664     +hardened-sources-2.6.21-r1.ebuild:
665     Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
666     mentioned in #177234.
667 kevquinn 1.150
668     07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
669     files/digest-hardened-sources-2.6.21, Manifest:
670     Fix Manifest/digest for linux-2.6.21.tar.bz2
671 phreak 1.149
672     06 May 2007; Christian Heim <phreak@gentoo.org>
673     hardened-sources-2.6.21.ebuild:
674     Bumping the hardened-patches version, needed for the fix for #177234.
675 phreak 1.148
676     *hardened-sources-2.6.21 (02 May 2007)
677    
678     02 May 2007; Christian Heim <phreak@gentoo.org>
679     +hardened-sources-2.6.21.ebuild:
680     Version bump, Linux 2.6.21-hardened.
681 phreak 1.147
682     29 Apr 2007; Christian Heim <phreak@gentoo.org>
683     hardened-sources-2.6.20-r2.ebuild:
684     Adding ~ia64 on Ned's request.
685 phreak 1.146
686     29 Apr 2007; Christian Heim <phreak@gentoo.org>
687     hardened-sources-2.6.20-r2.ebuild:
688     Fixing the included grsecurity patch, wasn't alligning due to the Index:
689     header line(s).
690 phreak 1.145
691     29 Apr 2007; Christian Heim <phreak@gentoo.org>
692     hardened-sources-2.6.20-r2.ebuild:
693     Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
694 armin76 1.144
695     *hardened-sources-2.6.20-r2 (10 Apr 2007)
696    
697     10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
698     +hardened-sources-2.6.20-r2.ebuild:
699     Version bump, on behalf of phreak
700 phreak 1.143
701     *hardened-sources-2.6.20-r1 (04 Apr 2007)
702    
703     04 Apr 2007; Christian Heim <phreak@gentoo.org>
704     +hardened-sources-2.6.20-r1.ebuild:
705     Revision bump, grabbing a newer grsecurity snapshot.
706 phreak 1.142
707     *hardened-sources-2.6.20 (25 Mar 2007)
708    
709     25 Mar 2007; Christian Heim <phreak@gentoo.org>
710     +hardened-sources-2.6.20.ebuild:
711     Finally a hardened-sources version for 2.6.20; many people have been waiting
712     for this. Thanks to Steve for preliminary testing, thanks to Ned for the
713     testbox.
714 chainsaw 1.141
715     16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
716     hardened-sources-2.6.18-r6.ebuild:
717     Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
718 phreak 1.140
719     *hardened-sources-2.6.18-r6 (16 Mar 2007)
720    
721     16 Mar 2007; Christian Heim <phreak@gentoo.org>
722     -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
723     Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
724     yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
725     supposed to be.
726 phreak 1.139
727     06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
728     Fixing the Manifest, the previous one was broken (as in still had the
729     deleted ebuild in it).
730 phreak 1.138
731     06 Mar 2007; Christian Heim <phreak@gentoo.org>
732     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
733     +hardened-sources-2.6.18-r5.ebuild:
734     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
735     Linux 2.6.18.8. Also cleaning up the older version.
736    
737     *hardened-sources-2.6.18-r5 (06 Mar 2007)
738    
739     06 Mar 2007; Christian Heim <phreak@gentoo.org>
740     -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
741     +hardened-sources-2.6.18-r5.ebuild:
742     Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
743     Linux 2.6.18.8. Also cleaning up the older version.
744 phreak 1.137
745     24 Feb 2007; Christian Heim <phreak@gentoo.org>
746     -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
747     -hardened-sources-2.6.19-r5.ebuild:
748     Removing some of the old version, that didn't work.
749 phreak 1.136
750     *hardened-sources-2.6.19-r6 (12 Feb 2007)
751    
752     12 Feb 2007; Christian Heim <phreak@gentoo.org>
753     +hardened-sources-2.6.19-r6.ebuild:
754     Revision bump, including a new grsec version fixing #166235.
755 pappy 1.134
756     *hardened-sources-2.4.34 (24 Jan 2007)
757    
758     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
759 pappy 1.135 Manifest:
760     updating Manifest with checksums of new tarball and ebuild
761    
762     24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
763 pappy 1.134 +hardened-sources-2.4.34.ebuild:
764     I added new hardened sources 2.4 update, this is a critical path
765     security bugfix - all users of h-s are strongly advised
766     to update their existing hardened sources to this version.
767     It contains a fix for a kernel vulnerability that is pertaining
768     to the PaX changes to virtual memory management, possibly leading
769     to a local kernel exploit ... see grsecurity.net forums and homepage
770 phreak 1.133
771     23 Jan 2007; Christian Heim <phreak@gentoo.org>
772     files/digest-hardened-sources-2.6.19-r5, Manifest:
773     Fixing the patch-tarball digest.
774 phreak 1.132
775     *hardened-sources-2.6.19-r5 (23 Jan 2007)
776    
777     23 Jan 2007; Christian Heim <phreak@gentoo.org>
778     +hardened-sources-2.6.19-r5.ebuild:
779     Revision bump, closing the recently discovered PaX expand_stack()
780     vulnerability.
781 phreak 1.131
782     *hardened-sources-2.6.19-r4 (14 Jan 2007)
783    
784     14 Jan 2007; Christian Heim <phreak@gentoo.org>
785     +hardened-sources-2.6.19-r4.ebuild:
786     Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
787     dropping the randomized PID feature.
788 opfer 1.130
789     11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
790     hardened-sources-2.4.33.4.ebuild:
791     stable x86, bug #161171
792 phreak 1.129
793     *hardened-sources-2.6.19-r3 (27 Dec 2006)
794    
795     27 Dec 2006; Christian Heim <phreak@gentoo.org>
796     -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
797     Revision bump for bug #157186 and #158786.
798 phreak 1.128
799     *hardened-sources-2.6.18-r4 (27 Dec 2006)
800    
801     27 Dec 2006; Christian Heim <phreak@gentoo.org>
802     -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
803     Revision bump for bug #157186.
804 phreak 1.127
805     *hardened-sources-2.6.19-r2 (23 Dec 2006)
806    
807     23 Dec 2006; Christian Heim <phreak@gentoo.org>
808     -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
809     Revision bump to pull in genpatches-2.6.19-3 for #157186.
810 phreak 1.126
811     17 Dec 2006; Christian Heim <phreak@gentoo.org>
812     hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
813     hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
814     hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
815     hardened-sources-2.6.19-r1.ebuild:
816     Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
817     adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
818 pappy 1.125
819     *hardened-sources-2.4.33.4 (17 Dec 2006)
820    
821     17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
822     +hardened-sources-2.4.33.4.ebuild:
823     new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
824     and quilting
825 phreak 1.124
826     *hardened-sources-2.6.19-r1 (14 Dec 2006)
827    
828     14 Dec 2006; Christian Heim <phreak@gentoo.org>
829     -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
830     Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
831     for reporting).
832 phreak 1.123
833     *hardened-sources-2.6.19 (13 Dec 2006)
834    
835     13 Dec 2006; Christian Heim <phreak@gentoo.org>
836     +hardened-sources-2.6.19.ebuild:
837     And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
838     Brad for providing that prompt update.
839 phreak 1.122
840     *hardened-sources-2.6.18-r3 (13 Dec 2006)
841    
842     13 Dec 2006; Christian Heim <phreak@gentoo.org>
843     -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
844     +hardened-sources-2.6.18-r3.ebuild:
845     Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
846     S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
847 phreak 1.121
848     09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
849     Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
850 nixnut 1.120
851     08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
852     Stable on ppc wrt bug 157356
853 opfer 1.119
854     07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
855     hardened-sources-2.6.18.ebuild:
856     stable x86, bug #157356
857 phreak 1.118
858     *hardened-sources-2.6.18-r2 (06 Dec 2006)
859    
860     06 Dec 2006; Christian Heim <phreak@gentoo.org>
861     +hardened-sources-2.6.18-r2.ebuild:
862     Revision bump, including 2.6.18.5 (via genpatches) and
863     4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
864     Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
865     redesign.
866 phreak 1.117
867     06 Dec 2006; Christian Heim <phreak@gentoo.org>
868     hardened-sources-2.6.18.ebuild:
869     Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
870     of Mike Doty).
871 phreak 1.116
872     *hardened-sources-2.6.18-r1 (23 Nov 2006)
873    
874     23 Nov 2006; Christian Heim <phreak@gentoo.org>
875     +hardened-sources-2.6.18-r1.ebuild:
876     Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
877 phreak 1.115
878     *hardened-sources-2.6.18 (11 Nov 2006)
879    
880     11 Nov 2006; Christian Heim <phreak@gentoo.org>
881     +hardened-sources-2.6.18.ebuild:
882     Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
883 solar 1.114
884     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
885     - mark amd64 stable also. bug #151877
886 solar 1.113
887     18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
888     - mark 2.6.17-r1 stable
889 phreak 1.112
890     27 Aug 2006; Christian Heim <phreak@gentoo.org>
891     -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
892     Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
893 phreak 1.111
894     *hardened-sources-2.6.17-r1 (26 Aug 2006)
895    
896     26 Aug 2006; Christian Heim <phreak@gentoo.org>
897     +hardened-sources-2.6.17-r1.ebuild:
898     Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
899     grsecurity patch.
900 phreak 1.110
901     *hardened-sources-2.6.17 (17 Aug 2006)
902    
903     17 Aug 2006; Christian Heim <phreak@gentoo.org>
904     +hardened-sources-2.6.17.ebuild:
905     Bumping the hardened-sources-2.6 series to 2.6.17, using
906     genpatches-2.6.17-6.base.
907 solar 1.109
908     07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
909     - stable on x86 and amd64
910 solar 1.108
911     *hardened-sources-2.6.16-r11 (15 Jul 2006)
912    
913     15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
914     -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
915     -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
916     -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
917     - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
918     crusty ebuilds
919 johnm 1.107
920     14 Jul 2006; John Mylchreest <johnm@gentoo.org>
921     hardened-sources-2.6.16-r10.ebuild:
922     marking stable on x86 and amd64
923 solar 1.106
924     13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
925     - 2.4.32-r6 stable on x86. RSBAC state unknown
926 kang 1.105
927     *hardened-sources-2.4.32-r7 (10 Jul 2006)
928    
929     10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
930     +hardened-sources-2.4.32-r7.ebuild:
931     Bump PaX for RSBAC to test-17
932 johnm 1.104
933     *hardened-sources-2.6.16-r9 (03 Jul 2006)
934    
935     03 Jul 2006; John Mylchreest <johnm@gentoo.org>
936     -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
937     hardened-sources-2.6.16 bump to latest -base.
938 solar 1.103
939     *hardened-sources-2.4.32-r6 (30 Jun 2006)
940    
941     30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
942     hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
943     - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
944     sysctl controlable resource logging
945 johnm 1.102
946     *hardened-sources-2.6.16-r7 (05 Jun 2006)
947    
948     05 Jun 2006; John Mylchreest <johnm@gentoo.org>
949     -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
950     push new 2.6.16 release in preparation for stable
951 solar 1.101
952     22 May 2006; <solar@gentoo.org> :
953     - redigest bug 134002
954 kang 1.100
955     *hardened-sources-2.4.32-r5 (16 May 2006)
956    
957     16 May 2006; Guillaume Destuynder <kang@gentoo.org>
958     +hardened-sources-2.4.32-r5.ebuild:
959     Fixes rsbac common patching (new patch in new -r5 patchset)
960 solar 1.99
961     *hardened-sources-2.4.32-r4 (13 May 2006)
962    
963     13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
964     +hardened-sources-2.4.32-r4.ebuild:
965     - security bumps
966 johnm 1.98
967     *hardened-sources-2.6.16-r6 (03 May 2006)
968    
969     03 May 2006; John Mylchreest <johnm@gentoo.org>
970     +hardened-sources-2.6.16-r6.ebuild:
971     bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
972 johnm 1.97
973     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
974     hardened-sources-2.6.14-r8.ebuild:
975     fix x86_64 build problem, this will delay the digest issue again for a short
976     while but it will sort itself out
977 johnm 1.96
978     28 Apr 2006; John Mylchreest <johnm@gentoo.org>
979     hardened-sources-2.6.14-r8.ebuild:
980     bump hardened patchset
981 antarus 1.94
982     27 Apr 2006; Alec Warner <antarus@gentoo.org>
983     files/digest-hardened-sources-2.4.32-r2,
984     files/digest-hardened-sources-2.4.32-r3,
985     files/digest-hardened-sources-2.6.14-r8, Manifest:
986     Fixing duff SHA256 digests: Bug # 131293
987 johnm 1.93
988 johnm 1.95 *hardened-sources-2.6.16-r5 (27 Apr 2006)
989    
990     27 Apr 2006; John Mylchreest <johnm@gentoo.org>
991     -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
992     -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
993     stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
994     cleanup of old uneccessary sources
995    
996 johnm 1.93 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
997     fix digest
998 johnm 1.92
999     *hardened-sources-2.6.14-r8 (20 Apr 2006)
1000    
1001     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1002     +hardened-sources-2.6.14-r8.ebuild:
1003     fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
1004 johnm 1.91
1005     20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
1006     Turning on gpg-signing again, and recomitting
1007 johnm 1.90
1008     *hardened-sources-2.6.16-r4 (20 Apr 2006)
1009    
1010     20 Apr 2006; John Mylchreest <johnm@gentoo.org>
1011     -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
1012     +hardened-sources-2.6.16-r4.ebuild:
1013     Fix numerous security vulns
1014 solar 1.89
1015     *hardened-sources-2.4.32-r3 (16 Apr 2006)
1016    
1017     16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
1018     -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
1019     +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
1020     - security bump for bug #112791. Removed old ebuilds
1021 johnm 1.88
1022     *hardened-sources-2.6.16-r3 (15 Apr 2006)
1023    
1024     15 Apr 2006; John Mylchreest <johnm@gentoo.org>
1025     +hardened-sources-2.6.16-r3.ebuild:
1026     Removing silly localversion which I missed
1027 johnm 1.87
1028     *hardened-sources-2.6.14-r7 (14 Apr 2006)
1029    
1030     14 Apr 2006; John Mylchreest <johnm@gentoo.org>
1031     -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
1032     Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
1033 johnm 1.86
1034     *hardened-sources-2.6.16-r2 (13 Apr 2006)
1035    
1036     13 Apr 2006; John Mylchreest <johnm@gentoo.org>
1037     -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
1038     +hardened-sources-2.6.16-r2.ebuild:
1039     Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
1040     labels, dropping USERGROUP define fixes, since these were merged mainstream.
1041 johnm 1.85
1042     *hardened-sources-2.6.16-r1 (11 Apr 2006)
1043    
1044     11 Apr 2006; John Mylchreest <johnm@gentoo.org>
1045     +hardened-sources-2.6.16-r1.ebuild:
1046     Bumping to include ppc build fix and 2.6.16.3
1047 tsunam 1.84
1048     06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
1049     hardened-sources-2.6.14-r6.ebuild:
1050     Stable on x86; bug #127718
1051 johnm 1.83
1052     *hardened-sources-2.6.16 (31 Mar 2006)
1053    
1054     31 Mar 2006; John Mylchreest <johnm@gentoo.org>
1055     +hardened-sources-2.6.16.ebuild:
1056     Bumping to new version of grsec, and kernel base. New squashfs. Based on
1057     2.6.16.1
1058 cryos 1.82
1059     30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
1060     hardened-sources-2.6.14-r6.ebuild:
1061     Stable on amd64, bug 127718.
1062 nixnut 1.81
1063     28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
1064     Stable on ppc. Bug #127718
1065 johnm 1.80
1066     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1067     -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
1068     -hardened-sources-2.6.14-r4.ebuild:
1069     Cleanup.
1070 johnm 1.79
1071     *hardened-sources-2.6.14-r6 (15 Mar 2006)
1072    
1073     15 Mar 2006; John Mylchreest <johnm@gentoo.org>
1074     +hardened-sources-2.6.14-r6.ebuild:
1075     Fixes grsec policy recreation bug and adds a
1076     >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
1077 solar 1.78
1078     02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
1079     - stable on x86
1080 hansmi 1.77
1081     19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
1082     hardened-sources-2.6.14-r5.ebuild:
1083     Stable on ppc.
1084 johnm 1.76
1085     *hardened-sources-2.6.14-r5 (01 Feb 2006)
1086    
1087     01 Feb 2006; John Mylchreest <johnm@gentoo.org>
1088     +hardened-sources-2.6.14-r5.ebuild:
1089     fixing every known exploit
1090 solar 1.75
1091     *hardened-sources-2.4.32-r2 (26 Jan 2006)
1092    
1093     26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
1094     +hardened-sources-2.4.32-r2.ebuild:
1095     - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
1096 solar 1.74
1097     *hardened-sources-2.6.14-r4 (12 Jan 2006)
1098    
1099     12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
1100     - version bump for new genpatches which fix up a few sec holes
1101 solar 1.73
1102     *hardened-sources-2.4.32-r1 (05 Jan 2006)
1103    
1104     05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
1105     - revision bump to add misc vital linux kernel security patches.
1106 johnm 1.72
1107     *hardened-sources-2.6.14-r3 (30 Dec 2005)
1108    
1109     30 Dec 2005; John Mylchreest <johnm@gentoo.org>
1110     -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
1111     Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
1112 johnm 1.71
1113     28 Dec 2005; John Mylchreest <johnm@gentoo.org>
1114     hardened-sources-2.6.14-r2.ebuild:
1115     making x86 & amd64 stable following testing.
1116 johnm 1.70
1117     *hardened-sources-2.6.14-r2 (27 Dec 2005)
1118    
1119     27 Dec 2005; John Mylchreest <johnm@gentoo.org>
1120     -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
1121     Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
1122     network hooks.
1123 johnm 1.69
1124     06 Dec 2005; John Mylchreest <johnm@gentoo.org>
1125     hardened-sources-2.6.14-r1.ebuild:
1126     bumping to stable early for sec fix on x86 & amd64
1127 johnm 1.68
1128     *hardened-sources-2.6.14-r1 (05 Dec 2005)
1129    
1130     05 Dec 2005; John Mylchreest <johnm@gentoo.org>
1131     -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
1132     bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
1133 solar 1.67
1134     04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
1135     - stable on x86 security bug #114227 CAN-2005-3257
1136 kang 1.66
1137     *hardened-sources-2.4.32 (19 Nov 2005)
1138    
1139     19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
1140     +hardened-sources-2.4.32.ebuild:
1141     Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
1142     Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
1143     have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
1144     rsbac >> /etc/portage/package.use)
1145 johnm 1.65
1146     *hardened-sources-2.6.14 (14 Nov 2005)
1147    
1148     14 Nov 2005; John Mylchreest <johnm@gentoo.org>
1149     -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
1150     Bumping 2.6 series to 2.6.14.2
1151 johnm 1.64
1152     *hardened-sources-2.6.13-r2 (20 Oct 2005)
1153    
1154     20 Oct 2005; John Mylchreest <johnm@gentoo.org>
1155     -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
1156     +hardened-sources-2.6.13-r2.ebuild:
1157     Fixes minor build error in ppc.
1158 johnm 1.63
1159     *hardened-sources-2.6.13-r1 (17 Oct 2005)
1160    
1161     17 Oct 2005; John Mylchreest <johnm@gentoo.org>
1162     +hardened-sources-2.6.13-r1.ebuild:
1163     Updating grsec to latest snapshot. Fixes some minor issues. Updating to
1164     2.6.13.4, fixes some major amd64 stability problems.
1165 johnm 1.62
1166     *hardened-sources-2.6.13 (16 Sep 2005)
1167    
1168     16 Sep 2005; John Mylchreest <johnm@gentoo.org>
1169     -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
1170     2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
1171     ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1172     users should test this thoroughly.
1173 solar 1.61
1174     01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1175     - stable on x86
1176 johnm 1.60
1177     *hardened-sources-2.6.11-r15 (27 Jun 2005)
1178    
1179     27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1180     +hardened-sources-2.6.11-r15.ebuild:
1181     Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1182     grsec redefining curr_ip struct.
1183 solar 1.59
1184     *hardened-sources-2.4.31 (20 Jun 2005)
1185    
1186     20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1187     initial import of 2.4.31 tree
1188 johnm 1.58
1189     *hardened-sources-2.6.11-r14 (14 Jun 2005)
1190    
1191     14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1192     -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1193     Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1194     naming scheme to abide by genpatches
1195 johnm 1.57
1196     *hardened-sources-2.6.11-r13 (18 May 2005)
1197    
1198     18 May 2005; John Mylchreest <johnm@gentoo.org>
1199     -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1200     Managed to mangle the Makefile patch from grsec, to miss out the grsec
1201     target. sorry about that. Fixes bug #93022
1202 johnm 1.56
1203     *hardened-sources-2.6.11-r12 (17 May 2005)
1204    
1205     17 May 2005; John Mylchreest <johnm@gentoo.org>
1206     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1207     +hardened-sources-2.6.11-r12.ebuild:
1208     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1209     merges in genpatches-base
1210 johnm 1.55
1211     *hardened-sources-2.6.11-r12 (17 May 2005)
1212    
1213     17 May 2005; John Mylchreest <johnm@gentoo.org>
1214     -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1215     +hardened-sources-2.6.11-r12.ebuild:
1216     Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1217     merges in genpatches-base
1218 solar 1.54
1219     29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1220     -files/2.4.27-cmdline-race.patch,
1221     -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1222     -files/2.4.28-grsec-binfmt_a.out.patch,
1223     -files/2.4.28-grsec-cmdline-race.patch,
1224     -files/2.4.28-selinux-binfmt_a.out.patch,
1225     -files/2.4.28-selinux-cmdline-race.patch,
1226     -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1227     hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1228     - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1229     cleanup..
1230 solar 1.53
1231     *hardened-sources-2.4.30-r1 (21 Apr 2005)
1232    
1233     21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1234     - disable aout by default
1235 solar 1.52
1236     *hardened-sources-2.4.30 (18 Apr 2005)
1237    
1238     18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1239     - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1240     and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1241     use
1242 tocharian 1.50
1243 scox 1.51 *hardened-sources-2.4.29 (30 Mar 2005)
1244    
1245     30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1246     +hardened-sources-2.4.29.ebuild:
1247     New hardened-patches-2.4-29.0 patchball.
1248     Removed SELinux support, upgraded GRSecurity to 2.1.4.
1249    
1250     *hardened-sources-2.4.28-r5 (06 Mar 2005)
1251    
1252     06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1253     +hardened-sources-2.4.28-r5.ebuild:
1254     Added a fix for a PaX vulnerability.
1255    
1256     26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1257 tocharian 1.50 hardened-sources-2.4.28-r4.ebuild:
1258     Stable on x86
1259 solar 1.49
1260     23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1261     hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1262     hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1263     hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1264     - fixed/added RDEPEND= in all kernel-2 ebuilds
1265 tocharian 1.48
1266     *hardened-sources-2.4.28-r4 (21 Jan 2005)
1267    
1268     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1269     +hardened-sources-2.4.28-r4.ebuild:
1270     Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1271     backport of neighbour hash updates.
1272 tocharian 1.47
1273     21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1274     hardened-sources-2.4.28-r3.ebuild:
1275     Stable on x86
1276 tseng 1.46
1277     *hardened-sources-2.6.10-r3 (20 Jan 2005)
1278    
1279     20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1280     +hardened-sources-2.6.10-r3.ebuild:
1281     Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1282     in 2005.0
1283 tocharian 1.45
1284     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1285     -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1286     hardened-sources-2.4.28-r2.ebuild:
1287     Mark stable on x86
1288 tocharian 1.44
1289     *hardened-sources-2.4.28-r3 (17 Jan 2005)
1290    
1291     17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1292     +hardened-sources-2.4.28-r3.ebuild:
1293     Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1294 tocharian 1.43
1295     14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1296     hardened-sources-2.4.28.ebuild:
1297     Mark stable on x86.
1298 tocharian 1.42
1299     *hardened-sources-2.4.28-r2 (13 Jan 2005)
1300    
1301     13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1302     +hardened-sources-2.4.28-r2.ebuild:
1303     Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1304     Mazinger for grsecurity patches as well.
1305 plasmaroo 1.41
1306     *hardened-sources-2.4.28-r1 (23 Dec 2004)
1307    
1308     23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1309     Security bump. Thank tocharian for rolling a new patchset...
1310 solar 1.40
1311     28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1312     +files/2.4.28-grsec-cmdline-race.patch,
1313     +files/2.4.28-selinux-binfmt_a.out.patch,
1314     +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1315     - Round up remaining security patches that appear to be missing in 2.4.28. -
1316     PaX standalone updated to current. hgpv=28.1
1317 solar 1.39
1318     *hardened-sources-2.4.28 (28 Nov 2004)
1319    
1320     28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1321     security bump. Thank tocharian for rolling a new patchset
1322 scox 1.31
1323 scox 1.38 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1324    
1325     08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1326     +hardened-sources-2.4.27-r3.ebuild:
1327     Applies the new 2.4-27.2 patchball which updates
1328     GRSecurity to the 2.0.1 version.
1329    
1330 scox 1.37 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1331    
1332     31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1333     +hardened-sources-2.4.27-r2.ebuild:
1334     Version bump.
1335     This version uses the new 2.4-27.1 patchball which updates
1336     both the SELinux PaX hooks patch and the SELinux headers.
1337    
1338 scox 1.36 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1339    
1340     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1341     +hardened-sources-2.4.27-r1.ebuild,
1342     -hardened-sources-2.4.27.ebuild,
1343     +files/2.4.27-cmdline-race.patch:
1344     Version bump, fix for cmdline race. See bug #59905.
1345    
1346     *hardened-sources-2.4.26-r6 (09 Aug 2004)
1347    
1348     09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1349     +hardened-sources-2.4.26-r6.ebuild,
1350     -hardened-sources-2.4.26-r5.ebuild,
1351     -hardened-sources-2.4.26-r4.ebuild,
1352     +files/2.4.26-cmdline-race.patch:
1353     Version bump, fix for cmdline race. See bug #59905.
1354    
1355 scox 1.35 *hardened-sources-2.4.27 (08 Aug 2004)
1356    
1357     08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1358     +hardened-sources-2.4.27.ebuild,
1359     +files/2.4.27-CAN-2004-0394.patch:
1360     Ported the patchball to the 2.4.27 kernel version.
1361    
1362 scox 1.34 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1363    
1364     07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1365     +hardened-sources-2.4.26-r5.ebuild:
1366 scox 1.35 Updated to use the new hardened-patches-2.4-26.1 patchball.
1367 scox 1.34 It adds the following features:
1368     - Squashfs
1369     - Ebtables
1370     - Netdev random (core+drivers)
1371     - Watchdog Timer (WDT) fix.
1372    
1373 scox 1.33 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1374    
1375     04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1376     +hardened-sources-2.4.26-r4.ebuild,
1377     +files/2.4.26-CAN-2004-0415.patch,
1378     -hardened-sources-2.4.26-3:
1379     Version bump, fix for CAN 0415, see bug #59378.
1380    
1381 scox 1.32 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1382    
1383     22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1384     +hardened-sources-2.4.26-r3.ebuild,
1385     +files/2.4.26-CAN-2004-0497.patch,
1386     -hardened-sources-2.4.26-r2.ebuild:
1387     Version bump, fixed CAN 0497, see bug #56171.
1388    
1389 scox 1.31 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1390    
1391     29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1392 scox 1.32 +hardened-sources-2.4.26-r2.ebuild,
1393 scox 1.31 +files/2.4.26-CAN-2004-0495.patch,
1394     +files/2.4.26-CAN-2004-0535.patch,
1395     -hardened-sources-2.4.26-r1.ebuild:
1396     Fixes for both CAN 0495 and 0535, see bug #54976
1397 pvdabeel 1.27
1398 agriffis 1.29 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1399     hardened-sources-2.4.26-r1.ebuild:
1400     QA - fix use invocation
1401 scox 1.28
1402     *hardened-sources-2.4.26-r1 (22 June 2004)
1403    
1404     22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1405     +hardened-sources-2.4.26-r1.ebuild,
1406     +files/2.4.26-CAN-2004-0394.patch,
1407     +files/2.4.26-signal-race.patch,
1408     -hardened-sources-2.4.26.ebuild,
1409     -hardened-sources-2.4.24-r3.ebuild:
1410     Version bump for the CAN-2004-0394 issue and bug #53804
1411     Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1412    
1413    
1414 pvdabeel 1.27 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1415     hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1416     Masked hardened-sources-2.4.26.ebuild broken for ppc
1417    
1418     31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1419     hardened-sources-2.4.24-r3.ebuild:
1420     Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1421 plasmaroo 1.25
1422 scox 1.26 *hardened-sources-2.4.26 (29 May 2004)
1423    
1424     29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1425     +hardened-sources-2.4.26.ebuild:
1426     Updated hardened-sources for the 2.4.26 kernel
1427     Removed broken components, updated almost everything.
1428    
1429 plasmaroo 1.25 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1430    
1431     17 Apr 2004; <plasmaroo@gentoo.org>
1432     +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1433     +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1434     +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1435     +hardened-sources-2.4.24-r3.ebuild:
1436     Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1437     vulnerabilities. Old revisions removed.
1438 plasmaroo 1.24
1439     *hardened-sources-2.4.24-r2 (15 Apr 2004)
1440    
1441     15 Apr 2004; <plasmaroo@gentoo.org>
1442     +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1443     -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1444     Version bump for the CAN-2004-0109 issue; bug #47881.
1445 aliz 1.23
1446     12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1447     hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1448     Add eutils to inherit.
1449 plasmaroo 1.22
1450     *hardened-sources-2.4.24-r1 (19 Feb 2004)
1451    
1452     19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1453     files/hardened-sources-2.4.24.munmap.patch:
1454     Added the patch for the mremap/munmap vulnerability. Bug #42024.
1455 scox 1.19
1456 scox 1.21 *hardened-sources-2.4.24 (06 Feb 2004)
1457 scox 1.26
1458 scox 1.21 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1459     hardened-sources-2.4.24.ebuild:
1460     Version bump, updated most of the components.
1461     This release includes the following:
1462    
1463     - Hardened security
1464     - Netfilter patch-o-matic 20031219
1465     - FreeSWAN 2.04 & x509 1.4.8
1466     - EVMS 2.2.2
1467     - XFS 1.3.1
1468     - cryptoloop jari
1469     - grsecurity 2.0-rc4
1470     - SELinux
1471     - PaX 200402060000
1472     - PaX Obscurity 200308302223
1473     - Others...
1474    
1475     Neither -ck nor systrace are included anymore.
1476    
1477 scox 1.19 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1478    
1479     05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1480     hardened-sources-2.4.22-r2.ebuild:
1481 scox 1.20 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1482 scox 1.19
1483     *hardened-sources-2.4.22-r1 (02 Dec 2003)
1484 iggy 1.17
1485     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1486 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1487 iggy 1.16
1488     02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1489 plasmaroo 1.18 hardened-sources-2.4.22-r1.ebuild:
1490     Version bump for the 'do_brk' vulnerability.
1491 iggy 1.15
1492     01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1493     hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1494     hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1495     hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1496 plasmaroo 1.18 Fix the 'do_brk' vulnerability.
1497 frogger 1.14
1498     03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1499     hardened-sources-2.4.22.ebuild:
1500 plasmaroo 1.18 - Removed the src_install() portion for SELinux flask
1501     components. These are no longer handled in the kernel
1502     so this code was not necessary.
1503 frogger 1.13
1504     29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1505     New 2.4.22 based hardened-sources thanks to
1506     Phil West <p.west@computer.org>.
1507    
1508     These sources include:
1509 plasmaroo 1.18 - New SELinux API
1510     - Updated CK-base
1511     - Updated GRSec
1512     - Systrace
1513     - SuperFreeS/WAN 1.99.8
1514     - Propolice kernel build support
1515     - EVMS
1516     - Other various security related patches
1517 frogger 1.11
1518 frogger 1.12 *hardened-sources-2.4.21 (14 Sep 2003)
1519    
1520     14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1521     Updated hardened-sources based on the 2.4.21 Linux kernel.
1522     This includes updates to most major components such as:
1523 plasmaroo 1.18 - ck-base-0306300059
1524     - selinux-2.4-2003071106
1525     - grsecurity-2.0-rc1
1526     - Updated IPTables patch-o-matic
1527     - Updated SuperFreeS/WAN
1528    
1529 frogger 1.12 Thanks to Phil West <pwest@computer.org> for his work in getting this
1530     updated patch set ready for the 2.4.21 based kernel.
1531    
1532 frogger 1.11 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1533     Initial import of hardened-sources-2.4.20-r4. This revision
1534     includes only a few changes, but one of these is an important
1535     security fix. It is recommended all users of hardened-sources
1536     upgrade to this release.
1537 plasmaroo 1.18
1538 frogger 1.11 - ioperm bug fix
1539     - fixed compilation failure when building without GRSec
1540 plasmaroo 1.18
1541 frogger 1.11 SAL (Secure Auditing for Linux) is NOT included in this revision
1542     due to time constraints, but is planned for inclusion in the near
1543     future.
1544 msterret 1.10
1545     *hardened-sources-2.4.20-r2 (12 Jun 2003)
1546    
1547     12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1548     hardened-sources-2.4.20-r3.ebuild:
1549 plasmaroo 1.18 Add Header...
1550 frogger 1.9
1551     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1552     hardened-sources-2.4.20-r3.ebuild:
1553     Removed warnings from ebuild. This kernel should be safe to
1554     use at this point.
1555 frogger 1.8
1556     *hardened-sources-2.4.20-r3 (08 Jun 2003)
1557    
1558     08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1559     hardened-sources-2.4.20-r3.ebuild:
1560     New revision. Includes the following changes over -r2:
1561 plasmaroo 1.18
1562 frogger 1.8 - ck7-base (O(1), preempt, low latency)
1563     - Super FreeS/WAN 1.99.7rc2
1564     - PaX for the LSM/SELinux branch
1565     - GRSecurity 2.0-pre4 (role based access control)
1566     - Systrace 1.3
1567     - EXT3 fixes
1568     - EVMS 2.0.1
1569     - GCC 3.1+ compile optimizations
1570     - ProPolice kernel build support
1571     - Hashing table security fixes
1572 frogger 1.3
1573     *hardened-sources-2.4.20-r1 (09 Apr 2003)
1574 frogger 1.7
1575     23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1576     Initial import of hardened-sources-r2. This new
1577     ebuild includes many new performance and security
1578     related patches. As in -r1, it will patch in
1579     LSM/SELinux if "selinux" is in USE, otherwise it
1580     will patch in GRSecurity. The following patches
1581     are included in this revision:
1582 plasmaroo 1.18
1583 frogger 1.7 - O(1) Scheduler, Low Latency, and Preempt
1584     (pulled from the base CK patch)
1585     - ptrace exploit patch for the LSM kernel
1586     (the GRSec patch already fixes this)
1587     - LSM 2.4-2003040709
1588     - SELinux 2.4-2003040709
1589     - Systrace v1.2
1590     - IPTables patch-o-matic base patches - 20030107
1591     - CryptoAPI 2.4.20.1 w/ loop-jari patch
1592     - Super FreeS/WAN 1.99.6.1
1593     - GRSecurity 1.9.9g
1594     - MPPE
1595     - EXT3 data journal fix
1596     - CIPE 1.5.4
1597 frogger 1.6
1598     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1599     hardened-sources-2.4.20-r1.ebuild, manifest:
1600 plasmaroo 1.18 Updated to install flask components correctly for selinux.
1601 frogger 1.5
1602     12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1603     hardened-sources-2.4.20-r1.ebuild:
1604     LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1605     is patched in instead. Ptrace patches for selinux have also been added. In
1606     either case, systrace support will be patched in as well.
1607 frogger 1.3
1608     09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1609     hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1610 plasmaroo 1.18 Revision bump for new sources.
1611 frogger 1.4
1612 frogger 1.2 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1613 frogger 1.4 hardened-sources-2.4.20-r1.ebuild:
1614 plasmaroo 1.18 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1615 method 1.1
1616 frogger 1.4 *hardened-sources-2.4.20 (30 Mar 2003)
1617    
1618 method 1.1 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1619     hardened-sources-2.4.20.ebuild:
1620 plasmaroo 1.18 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20