/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.169 - (show annotations) (download)
Thu Aug 16 16:15:03 2007 UTC (7 years, 8 months ago) by phreak
Branch: MAIN
Changes since 1.168: +7 -1 lines
Revision bump for Linux 2.6.20.16.
(Portage version: 2.1.3.5)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.168 2007/08/13 21:29:33 phreak Exp $
4
5 *hardened-sources-2.6.20-r7 (16 Aug 2007)
6
7 16 Aug 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.20-r7.ebuild:
9 Revision bump for Linux 2.6.20.16.
10
11 *hardened-sources-2.6.22-r1 (13 Aug 2007)
12
13 13 Aug 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.22-r1.ebuild:
15 Yet another revision bump.
16
17 *hardened-sources-2.6.22 (10 Aug 2007)
18
19 10 Aug 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.22.ebuild:
21 Initial release for 2.6.22. If you are using hardened-sources on a desktop
22 machine (P4 or newer), be aware you might need to disable
23 CONFIG_PAX_PAGEEXEC.
24
25 04 Aug 2007; Christian Heim <phreak@gentoo.org>
26 hardened-sources-2.6.20-r6.ebuild:
27 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
28 2.6.20.15.
29
30 10 Jul 2007; Christian Heim <phreak@gentoo.org>
31 hardened-sources-2.6.20-r5.ebuild:
32 Marking hardened-sources-2.6.20-r5 stable on ppc.
33
34 10 Jul 2007; Christian Heim <phreak@gentoo.org>
35 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
36 Cleanup.
37
38 *hardened-sources-2.6.20-r6 (08 Jul 2007)
39
40 08 Jul 2007; Christian Heim <phreak@gentoo.org>
41 +hardened-sources-2.6.20-r6.ebuild:
42 Revision bump, grabbing yet another stable release.
43
44 17 Jun 2007; Christian Heim <phreak@gentoo.org>
45 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
46 -hardened-sources-2.6.21-r2.ebuild:
47 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
48 alpha stable KEYWORD by mistake.
49
50 17 Jun 2007; Christian Heim <phreak@gentoo.org>
51 hardened-sources-2.6.20-r5.ebuild:
52 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
53 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
54
55 *hardened-sources-2.6.21-r3 (12 Jun 2007)
56
57 12 Jun 2007; Christian Heim <phreak@gentoo.org>
58 +hardened-sources-2.6.21-r3.ebuild:
59 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
60 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
61 love.
62
63 *hardened-sources-2.6.20-r5 (11 Jun 2007)
64
65 11 Jun 2007; Christian Heim <phreak@gentoo.org>
66 +hardened-sources-2.6.20-r5.ebuild:
67 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
68 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
69 love.
70
71 *hardened-sources-2.4.34.5 (11 Jun 2007)
72
73 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
74 +hardened-sources-2.4.34.5.ebuild:
75 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
76
77 30 May 2007; Christian Heim <phreak@gentoo.org>
78 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
79 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
80 stale ebuild(s).
81
82 30 May 2007; Christian Heim <phreak@gentoo.org>
83 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
84 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
85 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
86 Doing some cleanups, remove stale ebuilds.
87
88 26 May 2007; Christian Heim <phreak@gentoo.org>
89 hardened-sources-2.6.21-r2.ebuild:
90 Fixing the grsecurity patch, had one '};' too much.
91
92 *hardened-sources-2.6.21-r2 (26 May 2007)
93
94 26 May 2007; Christian Heim <phreak@gentoo.org>
95 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
96 +hardened-sources-2.6.21-r2.ebuild:
97 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
98 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
99
100 *hardened-sources-2.6.20-r4 (26 May 2007)
101
102 26 May 2007; Christian Heim <phreak@gentoo.org>
103 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
104 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
105 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
106
107 15 May 2007; Christian Heim <phreak@gentoo.org>
108 hardened-sources-2.6.20-r3.ebuild:
109 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
110 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
111 grsecurity patch fail in that exact same hunk.
112
113 *hardened-sources-2.6.20-r3 (15 May 2007)
114
115 15 May 2007; Christian Heim <phreak@gentoo.org>
116 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
117 Revision bump, incorporating Linux 2.6.20.11.
118
119 *hardened-sources-2.6.21-r1 (11 May 2007)
120
121 11 May 2007; Christian Heim <phreak@gentoo.org>
122 +hardened-sources-2.6.21-r1.ebuild:
123 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
124 mentioned in #177234.
125
126 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
127 files/digest-hardened-sources-2.6.21, Manifest:
128 Fix Manifest/digest for linux-2.6.21.tar.bz2
129
130 06 May 2007; Christian Heim <phreak@gentoo.org>
131 hardened-sources-2.6.21.ebuild:
132 Bumping the hardened-patches version, needed for the fix for #177234.
133
134 *hardened-sources-2.6.21 (02 May 2007)
135
136 02 May 2007; Christian Heim <phreak@gentoo.org>
137 +hardened-sources-2.6.21.ebuild:
138 Version bump, Linux 2.6.21-hardened.
139
140 29 Apr 2007; Christian Heim <phreak@gentoo.org>
141 hardened-sources-2.6.20-r2.ebuild:
142 Adding ~ia64 on Ned's request.
143
144 29 Apr 2007; Christian Heim <phreak@gentoo.org>
145 hardened-sources-2.6.20-r2.ebuild:
146 Fixing the included grsecurity patch, wasn't alligning due to the Index:
147 header line(s).
148
149 29 Apr 2007; Christian Heim <phreak@gentoo.org>
150 hardened-sources-2.6.20-r2.ebuild:
151 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
152
153 *hardened-sources-2.6.20-r2 (10 Apr 2007)
154
155 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
156 +hardened-sources-2.6.20-r2.ebuild:
157 Version bump, on behalf of phreak
158
159 *hardened-sources-2.6.20-r1 (04 Apr 2007)
160
161 04 Apr 2007; Christian Heim <phreak@gentoo.org>
162 +hardened-sources-2.6.20-r1.ebuild:
163 Revision bump, grabbing a newer grsecurity snapshot.
164
165 *hardened-sources-2.6.20 (25 Mar 2007)
166
167 25 Mar 2007; Christian Heim <phreak@gentoo.org>
168 +hardened-sources-2.6.20.ebuild:
169 Finally a hardened-sources version for 2.6.20; many people have been waiting
170 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
171 testbox.
172
173 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
174 hardened-sources-2.6.18-r6.ebuild:
175 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
176
177 *hardened-sources-2.6.18-r6 (16 Mar 2007)
178
179 16 Mar 2007; Christian Heim <phreak@gentoo.org>
180 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
181 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
182 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
183 supposed to be.
184
185 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
186 Fixing the Manifest, the previous one was broken (as in still had the
187 deleted ebuild in it).
188
189 06 Mar 2007; Christian Heim <phreak@gentoo.org>
190 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
191 +hardened-sources-2.6.18-r5.ebuild:
192 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
193 Linux 2.6.18.8. Also cleaning up the older version.
194
195 *hardened-sources-2.6.18-r5 (06 Mar 2007)
196
197 06 Mar 2007; Christian Heim <phreak@gentoo.org>
198 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
199 +hardened-sources-2.6.18-r5.ebuild:
200 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
201 Linux 2.6.18.8. Also cleaning up the older version.
202
203 24 Feb 2007; Christian Heim <phreak@gentoo.org>
204 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
205 -hardened-sources-2.6.19-r5.ebuild:
206 Removing some of the old version, that didn't work.
207
208 *hardened-sources-2.6.19-r6 (12 Feb 2007)
209
210 12 Feb 2007; Christian Heim <phreak@gentoo.org>
211 +hardened-sources-2.6.19-r6.ebuild:
212 Revision bump, including a new grsec version fixing #166235.
213
214 *hardened-sources-2.4.34 (24 Jan 2007)
215
216 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
217 Manifest:
218 updating Manifest with checksums of new tarball and ebuild
219
220 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
221 +hardened-sources-2.4.34.ebuild:
222 I added new hardened sources 2.4 update, this is a critical path
223 security bugfix - all users of h-s are strongly advised
224 to update their existing hardened sources to this version.
225 It contains a fix for a kernel vulnerability that is pertaining
226 to the PaX changes to virtual memory management, possibly leading
227 to a local kernel exploit ... see grsecurity.net forums and homepage
228
229 23 Jan 2007; Christian Heim <phreak@gentoo.org>
230 files/digest-hardened-sources-2.6.19-r5, Manifest:
231 Fixing the patch-tarball digest.
232
233 *hardened-sources-2.6.19-r5 (23 Jan 2007)
234
235 23 Jan 2007; Christian Heim <phreak@gentoo.org>
236 +hardened-sources-2.6.19-r5.ebuild:
237 Revision bump, closing the recently discovered PaX expand_stack()
238 vulnerability.
239
240 *hardened-sources-2.6.19-r4 (14 Jan 2007)
241
242 14 Jan 2007; Christian Heim <phreak@gentoo.org>
243 +hardened-sources-2.6.19-r4.ebuild:
244 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
245 dropping the randomized PID feature.
246
247 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
248 hardened-sources-2.4.33.4.ebuild:
249 stable x86, bug #161171
250
251 *hardened-sources-2.6.19-r3 (27 Dec 2006)
252
253 27 Dec 2006; Christian Heim <phreak@gentoo.org>
254 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
255 Revision bump for bug #157186 and #158786.
256
257 *hardened-sources-2.6.18-r4 (27 Dec 2006)
258
259 27 Dec 2006; Christian Heim <phreak@gentoo.org>
260 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
261 Revision bump for bug #157186.
262
263 *hardened-sources-2.6.19-r2 (23 Dec 2006)
264
265 23 Dec 2006; Christian Heim <phreak@gentoo.org>
266 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
267 Revision bump to pull in genpatches-2.6.19-3 for #157186.
268
269 17 Dec 2006; Christian Heim <phreak@gentoo.org>
270 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
271 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
272 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
273 hardened-sources-2.6.19-r1.ebuild:
274 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
275 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
276
277 *hardened-sources-2.4.33.4 (17 Dec 2006)
278
279 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
280 +hardened-sources-2.4.33.4.ebuild:
281 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
282 and quilting
283
284 *hardened-sources-2.6.19-r1 (14 Dec 2006)
285
286 14 Dec 2006; Christian Heim <phreak@gentoo.org>
287 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
288 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
289 for reporting).
290
291 *hardened-sources-2.6.19 (13 Dec 2006)
292
293 13 Dec 2006; Christian Heim <phreak@gentoo.org>
294 +hardened-sources-2.6.19.ebuild:
295 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
296 Brad for providing that prompt update.
297
298 *hardened-sources-2.6.18-r3 (13 Dec 2006)
299
300 13 Dec 2006; Christian Heim <phreak@gentoo.org>
301 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
302 +hardened-sources-2.6.18-r3.ebuild:
303 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
304 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
305
306 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
307 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
308
309 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
310 Stable on ppc wrt bug 157356
311
312 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
313 hardened-sources-2.6.18.ebuild:
314 stable x86, bug #157356
315
316 *hardened-sources-2.6.18-r2 (06 Dec 2006)
317
318 06 Dec 2006; Christian Heim <phreak@gentoo.org>
319 +hardened-sources-2.6.18-r2.ebuild:
320 Revision bump, including 2.6.18.5 (via genpatches) and
321 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
322 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
323 redesign.
324
325 06 Dec 2006; Christian Heim <phreak@gentoo.org>
326 hardened-sources-2.6.18.ebuild:
327 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
328 of Mike Doty).
329
330 *hardened-sources-2.6.18-r1 (23 Nov 2006)
331
332 23 Nov 2006; Christian Heim <phreak@gentoo.org>
333 +hardened-sources-2.6.18-r1.ebuild:
334 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
335
336 *hardened-sources-2.6.18 (11 Nov 2006)
337
338 11 Nov 2006; Christian Heim <phreak@gentoo.org>
339 +hardened-sources-2.6.18.ebuild:
340 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
341
342 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
343 - mark amd64 stable also. bug #151877
344
345 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
346 - mark 2.6.17-r1 stable
347
348 27 Aug 2006; Christian Heim <phreak@gentoo.org>
349 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
350 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
351
352 *hardened-sources-2.6.17-r1 (26 Aug 2006)
353
354 26 Aug 2006; Christian Heim <phreak@gentoo.org>
355 +hardened-sources-2.6.17-r1.ebuild:
356 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
357 grsecurity patch.
358
359 *hardened-sources-2.6.17 (17 Aug 2006)
360
361 17 Aug 2006; Christian Heim <phreak@gentoo.org>
362 +hardened-sources-2.6.17.ebuild:
363 Bumping the hardened-sources-2.6 series to 2.6.17, using
364 genpatches-2.6.17-6.base.
365
366 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
367 - stable on x86 and amd64
368
369 *hardened-sources-2.6.16-r11 (15 Jul 2006)
370
371 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
372 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
373 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
374 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
375 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
376 crusty ebuilds
377
378 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
379 hardened-sources-2.6.16-r10.ebuild:
380 marking stable on x86 and amd64
381
382 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
383 - 2.4.32-r6 stable on x86. RSBAC state unknown
384
385 *hardened-sources-2.4.32-r7 (10 Jul 2006)
386
387 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
388 +hardened-sources-2.4.32-r7.ebuild:
389 Bump PaX for RSBAC to test-17
390
391 *hardened-sources-2.6.16-r9 (03 Jul 2006)
392
393 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
394 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
395 hardened-sources-2.6.16 bump to latest -base.
396
397 *hardened-sources-2.4.32-r6 (30 Jun 2006)
398
399 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
400 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
401 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
402 sysctl controlable resource logging
403
404 *hardened-sources-2.6.16-r7 (05 Jun 2006)
405
406 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
407 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
408 push new 2.6.16 release in preparation for stable
409
410 22 May 2006; <solar@gentoo.org> :
411 - redigest bug 134002
412
413 *hardened-sources-2.4.32-r5 (16 May 2006)
414
415 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
416 +hardened-sources-2.4.32-r5.ebuild:
417 Fixes rsbac common patching (new patch in new -r5 patchset)
418
419 *hardened-sources-2.4.32-r4 (13 May 2006)
420
421 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
422 +hardened-sources-2.4.32-r4.ebuild:
423 - security bumps
424
425 *hardened-sources-2.6.16-r6 (03 May 2006)
426
427 03 May 2006; John Mylchreest <johnm@gentoo.org>
428 +hardened-sources-2.6.16-r6.ebuild:
429 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
430
431 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
432 hardened-sources-2.6.14-r8.ebuild:
433 fix x86_64 build problem, this will delay the digest issue again for a short
434 while but it will sort itself out
435
436 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
437 hardened-sources-2.6.14-r8.ebuild:
438 bump hardened patchset
439
440 27 Apr 2006; Alec Warner <antarus@gentoo.org>
441 files/digest-hardened-sources-2.4.32-r2,
442 files/digest-hardened-sources-2.4.32-r3,
443 files/digest-hardened-sources-2.6.14-r8, Manifest:
444 Fixing duff SHA256 digests: Bug # 131293
445
446 *hardened-sources-2.6.16-r5 (27 Apr 2006)
447
448 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
449 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
450 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
451 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
452 cleanup of old uneccessary sources
453
454 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
455 fix digest
456
457 *hardened-sources-2.6.14-r8 (20 Apr 2006)
458
459 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
460 +hardened-sources-2.6.14-r8.ebuild:
461 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
462
463 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
464 Turning on gpg-signing again, and recomitting
465
466 *hardened-sources-2.6.16-r4 (20 Apr 2006)
467
468 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
469 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
470 +hardened-sources-2.6.16-r4.ebuild:
471 Fix numerous security vulns
472
473 *hardened-sources-2.4.32-r3 (16 Apr 2006)
474
475 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
476 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
477 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
478 - security bump for bug #112791. Removed old ebuilds
479
480 *hardened-sources-2.6.16-r3 (15 Apr 2006)
481
482 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
483 +hardened-sources-2.6.16-r3.ebuild:
484 Removing silly localversion which I missed
485
486 *hardened-sources-2.6.14-r7 (14 Apr 2006)
487
488 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
489 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
490 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
491
492 *hardened-sources-2.6.16-r2 (13 Apr 2006)
493
494 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
495 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
496 +hardened-sources-2.6.16-r2.ebuild:
497 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
498 labels, dropping USERGROUP define fixes, since these were merged mainstream.
499
500 *hardened-sources-2.6.16-r1 (11 Apr 2006)
501
502 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
503 +hardened-sources-2.6.16-r1.ebuild:
504 Bumping to include ppc build fix and 2.6.16.3
505
506 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
507 hardened-sources-2.6.14-r6.ebuild:
508 Stable on x86; bug #127718
509
510 *hardened-sources-2.6.16 (31 Mar 2006)
511
512 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
513 +hardened-sources-2.6.16.ebuild:
514 Bumping to new version of grsec, and kernel base. New squashfs. Based on
515 2.6.16.1
516
517 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
518 hardened-sources-2.6.14-r6.ebuild:
519 Stable on amd64, bug 127718.
520
521 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
522 Stable on ppc. Bug #127718
523
524 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
525 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
526 -hardened-sources-2.6.14-r4.ebuild:
527 Cleanup.
528
529 *hardened-sources-2.6.14-r6 (15 Mar 2006)
530
531 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
532 +hardened-sources-2.6.14-r6.ebuild:
533 Fixes grsec policy recreation bug and adds a
534 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
535
536 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
537 - stable on x86
538
539 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
540 hardened-sources-2.6.14-r5.ebuild:
541 Stable on ppc.
542
543 *hardened-sources-2.6.14-r5 (01 Feb 2006)
544
545 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
546 +hardened-sources-2.6.14-r5.ebuild:
547 fixing every known exploit
548
549 *hardened-sources-2.4.32-r2 (26 Jan 2006)
550
551 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
552 +hardened-sources-2.4.32-r2.ebuild:
553 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
554
555 *hardened-sources-2.6.14-r4 (12 Jan 2006)
556
557 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
558 - version bump for new genpatches which fix up a few sec holes
559
560 *hardened-sources-2.4.32-r1 (05 Jan 2006)
561
562 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
563 - revision bump to add misc vital linux kernel security patches.
564
565 *hardened-sources-2.6.14-r3 (30 Dec 2005)
566
567 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
568 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
569 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
570
571 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
572 hardened-sources-2.6.14-r2.ebuild:
573 making x86 & amd64 stable following testing.
574
575 *hardened-sources-2.6.14-r2 (27 Dec 2005)
576
577 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
578 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
579 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
580 network hooks.
581
582 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
583 hardened-sources-2.6.14-r1.ebuild:
584 bumping to stable early for sec fix on x86 & amd64
585
586 *hardened-sources-2.6.14-r1 (05 Dec 2005)
587
588 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
589 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
590 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
591
592 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
593 - stable on x86 security bug #114227 CAN-2005-3257
594
595 *hardened-sources-2.4.32 (19 Nov 2005)
596
597 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
598 +hardened-sources-2.4.32.ebuild:
599 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
600 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
601 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
602 rsbac >> /etc/portage/package.use)
603
604 *hardened-sources-2.6.14 (14 Nov 2005)
605
606 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
607 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
608 Bumping 2.6 series to 2.6.14.2
609
610 *hardened-sources-2.6.13-r2 (20 Oct 2005)
611
612 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
613 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
614 +hardened-sources-2.6.13-r2.ebuild:
615 Fixes minor build error in ppc.
616
617 *hardened-sources-2.6.13-r1 (17 Oct 2005)
618
619 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
620 +hardened-sources-2.6.13-r1.ebuild:
621 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
622 2.6.13.4, fixes some major amd64 stability problems.
623
624 *hardened-sources-2.6.13 (16 Sep 2005)
625
626 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
627 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
628 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
629 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
630 users should test this thoroughly.
631
632 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
633 - stable on x86
634
635 *hardened-sources-2.6.11-r15 (27 Jun 2005)
636
637 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
638 +hardened-sources-2.6.11-r15.ebuild:
639 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
640 grsec redefining curr_ip struct.
641
642 *hardened-sources-2.4.31 (20 Jun 2005)
643
644 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
645 initial import of 2.4.31 tree
646
647 *hardened-sources-2.6.11-r14 (14 Jun 2005)
648
649 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
650 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
651 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
652 naming scheme to abide by genpatches
653
654 *hardened-sources-2.6.11-r13 (18 May 2005)
655
656 18 May 2005; John Mylchreest <johnm@gentoo.org>
657 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
658 Managed to mangle the Makefile patch from grsec, to miss out the grsec
659 target. sorry about that. Fixes bug #93022
660
661 *hardened-sources-2.6.11-r12 (17 May 2005)
662
663 17 May 2005; John Mylchreest <johnm@gentoo.org>
664 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
665 +hardened-sources-2.6.11-r12.ebuild:
666 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
667 merges in genpatches-base
668
669 *hardened-sources-2.6.11-r12 (17 May 2005)
670
671 17 May 2005; John Mylchreest <johnm@gentoo.org>
672 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
673 +hardened-sources-2.6.11-r12.ebuild:
674 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
675 merges in genpatches-base
676
677 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
678 -files/2.4.27-cmdline-race.patch,
679 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
680 -files/2.4.28-grsec-binfmt_a.out.patch,
681 -files/2.4.28-grsec-cmdline-race.patch,
682 -files/2.4.28-selinux-binfmt_a.out.patch,
683 -files/2.4.28-selinux-cmdline-race.patch,
684 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
685 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
686 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
687 cleanup..
688
689 *hardened-sources-2.4.30-r1 (21 Apr 2005)
690
691 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
692 - disable aout by default
693
694 *hardened-sources-2.4.30 (18 Apr 2005)
695
696 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
697 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
698 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
699 use
700
701 *hardened-sources-2.4.29 (30 Mar 2005)
702
703 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
704 +hardened-sources-2.4.29.ebuild:
705 New hardened-patches-2.4-29.0 patchball.
706 Removed SELinux support, upgraded GRSecurity to 2.1.4.
707
708 *hardened-sources-2.4.28-r5 (06 Mar 2005)
709
710 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
711 +hardened-sources-2.4.28-r5.ebuild:
712 Added a fix for a PaX vulnerability.
713
714 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
715 hardened-sources-2.4.28-r4.ebuild:
716 Stable on x86
717
718 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
719 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
720 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
721 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
722 - fixed/added RDEPEND= in all kernel-2 ebuilds
723
724 *hardened-sources-2.4.28-r4 (21 Jan 2005)
725
726 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
727 +hardened-sources-2.4.28-r4.ebuild:
728 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
729 backport of neighbour hash updates.
730
731 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
732 hardened-sources-2.4.28-r3.ebuild:
733 Stable on x86
734
735 *hardened-sources-2.6.10-r3 (20 Jan 2005)
736
737 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
738 +hardened-sources-2.6.10-r3.ebuild:
739 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
740 in 2005.0
741
742 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
743 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
744 hardened-sources-2.4.28-r2.ebuild:
745 Mark stable on x86
746
747 *hardened-sources-2.4.28-r3 (17 Jan 2005)
748
749 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
750 +hardened-sources-2.4.28-r3.ebuild:
751 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
752
753 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
754 hardened-sources-2.4.28.ebuild:
755 Mark stable on x86.
756
757 *hardened-sources-2.4.28-r2 (13 Jan 2005)
758
759 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
760 +hardened-sources-2.4.28-r2.ebuild:
761 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
762 Mazinger for grsecurity patches as well.
763
764 *hardened-sources-2.4.28-r1 (23 Dec 2004)
765
766 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
767 Security bump. Thank tocharian for rolling a new patchset...
768
769 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
770 +files/2.4.28-grsec-cmdline-race.patch,
771 +files/2.4.28-selinux-binfmt_a.out.patch,
772 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
773 - Round up remaining security patches that appear to be missing in 2.4.28. -
774 PaX standalone updated to current. hgpv=28.1
775
776 *hardened-sources-2.4.28 (28 Nov 2004)
777
778 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
779 security bump. Thank tocharian for rolling a new patchset
780
781 *hardened-sources-2.4.27-r3 (08 Sep 2004)
782
783 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
784 +hardened-sources-2.4.27-r3.ebuild:
785 Applies the new 2.4-27.2 patchball which updates
786 GRSecurity to the 2.0.1 version.
787
788 *hardened-sources-2.4.27-r2 (31 Aug 2004)
789
790 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
791 +hardened-sources-2.4.27-r2.ebuild:
792 Version bump.
793 This version uses the new 2.4-27.1 patchball which updates
794 both the SELinux PaX hooks patch and the SELinux headers.
795
796 *hardened-sources-2.4.27-r1 (09 Aug 2004)
797
798 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
799 +hardened-sources-2.4.27-r1.ebuild,
800 -hardened-sources-2.4.27.ebuild,
801 +files/2.4.27-cmdline-race.patch:
802 Version bump, fix for cmdline race. See bug #59905.
803
804 *hardened-sources-2.4.26-r6 (09 Aug 2004)
805
806 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
807 +hardened-sources-2.4.26-r6.ebuild,
808 -hardened-sources-2.4.26-r5.ebuild,
809 -hardened-sources-2.4.26-r4.ebuild,
810 +files/2.4.26-cmdline-race.patch:
811 Version bump, fix for cmdline race. See bug #59905.
812
813 *hardened-sources-2.4.27 (08 Aug 2004)
814
815 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
816 +hardened-sources-2.4.27.ebuild,
817 +files/2.4.27-CAN-2004-0394.patch:
818 Ported the patchball to the 2.4.27 kernel version.
819
820 *hardened-sources-2.4.26-r5 (07 Aug 2004)
821
822 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
823 +hardened-sources-2.4.26-r5.ebuild:
824 Updated to use the new hardened-patches-2.4-26.1 patchball.
825 It adds the following features:
826 - Squashfs
827 - Ebtables
828 - Netdev random (core+drivers)
829 - Watchdog Timer (WDT) fix.
830
831 *hardened-sources-2.4.26-r4 (04 Aug 2004)
832
833 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
834 +hardened-sources-2.4.26-r4.ebuild,
835 +files/2.4.26-CAN-2004-0415.patch,
836 -hardened-sources-2.4.26-3:
837 Version bump, fix for CAN 0415, see bug #59378.
838
839 *hardened-sources-2.4.26-r3 (22 Jul 2004)
840
841 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
842 +hardened-sources-2.4.26-r3.ebuild,
843 +files/2.4.26-CAN-2004-0497.patch,
844 -hardened-sources-2.4.26-r2.ebuild:
845 Version bump, fixed CAN 0497, see bug #56171.
846
847 *hardened-sources-2.4.26-r2 (29 Jun 2004)
848
849 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
850 +hardened-sources-2.4.26-r2.ebuild,
851 +files/2.4.26-CAN-2004-0495.patch,
852 +files/2.4.26-CAN-2004-0535.patch,
853 -hardened-sources-2.4.26-r1.ebuild:
854 Fixes for both CAN 0495 and 0535, see bug #54976
855
856 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
857 hardened-sources-2.4.26-r1.ebuild:
858 QA - fix use invocation
859
860 *hardened-sources-2.4.26-r1 (22 June 2004)
861
862 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
863 +hardened-sources-2.4.26-r1.ebuild,
864 +files/2.4.26-CAN-2004-0394.patch,
865 +files/2.4.26-signal-race.patch,
866 -hardened-sources-2.4.26.ebuild,
867 -hardened-sources-2.4.24-r3.ebuild:
868 Version bump for the CAN-2004-0394 issue and bug #53804
869 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
870
871
872 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
873 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
874 Masked hardened-sources-2.4.26.ebuild broken for ppc
875
876 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
877 hardened-sources-2.4.24-r3.ebuild:
878 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
879
880 *hardened-sources-2.4.26 (29 May 2004)
881
882 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
883 +hardened-sources-2.4.26.ebuild:
884 Updated hardened-sources for the 2.4.26 kernel
885 Removed broken components, updated almost everything.
886
887 *hardened-sources-2.4.24-r3 (17 Apr 2004)
888
889 17 Apr 2004; <plasmaroo@gentoo.org>
890 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
891 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
892 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
893 +hardened-sources-2.4.24-r3.ebuild:
894 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
895 vulnerabilities. Old revisions removed.
896
897 *hardened-sources-2.4.24-r2 (15 Apr 2004)
898
899 15 Apr 2004; <plasmaroo@gentoo.org>
900 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
901 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
902 Version bump for the CAN-2004-0109 issue; bug #47881.
903
904 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
905 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
906 Add eutils to inherit.
907
908 *hardened-sources-2.4.24-r1 (19 Feb 2004)
909
910 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
911 files/hardened-sources-2.4.24.munmap.patch:
912 Added the patch for the mremap/munmap vulnerability. Bug #42024.
913
914 *hardened-sources-2.4.24 (06 Feb 2004)
915
916 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
917 hardened-sources-2.4.24.ebuild:
918 Version bump, updated most of the components.
919 This release includes the following:
920
921 - Hardened security
922 - Netfilter patch-o-matic 20031219
923 - FreeSWAN 2.04 & x509 1.4.8
924 - EVMS 2.2.2
925 - XFS 1.3.1
926 - cryptoloop jari
927 - grsecurity 2.0-rc4
928 - SELinux
929 - PaX 200402060000
930 - PaX Obscurity 200308302223
931 - Others...
932
933 Neither -ck nor systrace are included anymore.
934
935 *hardened-sources-2.4.22-r2 (05 Jan 2004)
936
937 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
938 hardened-sources-2.4.22-r2.ebuild:
939 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
940
941 *hardened-sources-2.4.22-r1 (02 Dec 2003)
942
943 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
944 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
945
946 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
947 hardened-sources-2.4.22-r1.ebuild:
948 Version bump for the 'do_brk' vulnerability.
949
950 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
951 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
952 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
953 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
954 Fix the 'do_brk' vulnerability.
955
956 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
957 hardened-sources-2.4.22.ebuild:
958 - Removed the src_install() portion for SELinux flask
959 components. These are no longer handled in the kernel
960 so this code was not necessary.
961
962 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
963 New 2.4.22 based hardened-sources thanks to
964 Phil West <p.west@computer.org>.
965
966 These sources include:
967 - New SELinux API
968 - Updated CK-base
969 - Updated GRSec
970 - Systrace
971 - SuperFreeS/WAN 1.99.8
972 - Propolice kernel build support
973 - EVMS
974 - Other various security related patches
975
976 *hardened-sources-2.4.21 (14 Sep 2003)
977
978 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
979 Updated hardened-sources based on the 2.4.21 Linux kernel.
980 This includes updates to most major components such as:
981 - ck-base-0306300059
982 - selinux-2.4-2003071106
983 - grsecurity-2.0-rc1
984 - Updated IPTables patch-o-matic
985 - Updated SuperFreeS/WAN
986
987 Thanks to Phil West <pwest@computer.org> for his work in getting this
988 updated patch set ready for the 2.4.21 based kernel.
989
990 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
991 Initial import of hardened-sources-2.4.20-r4. This revision
992 includes only a few changes, but one of these is an important
993 security fix. It is recommended all users of hardened-sources
994 upgrade to this release.
995
996 - ioperm bug fix
997 - fixed compilation failure when building without GRSec
998
999 SAL (Secure Auditing for Linux) is NOT included in this revision
1000 due to time constraints, but is planned for inclusion in the near
1001 future.
1002
1003 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1004
1005 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1006 hardened-sources-2.4.20-r3.ebuild:
1007 Add Header...
1008
1009 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1010 hardened-sources-2.4.20-r3.ebuild:
1011 Removed warnings from ebuild. This kernel should be safe to
1012 use at this point.
1013
1014 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1015
1016 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1017 hardened-sources-2.4.20-r3.ebuild:
1018 New revision. Includes the following changes over -r2:
1019
1020 - ck7-base (O(1), preempt, low latency)
1021 - Super FreeS/WAN 1.99.7rc2
1022 - PaX for the LSM/SELinux branch
1023 - GRSecurity 2.0-pre4 (role based access control)
1024 - Systrace 1.3
1025 - EXT3 fixes
1026 - EVMS 2.0.1
1027 - GCC 3.1+ compile optimizations
1028 - ProPolice kernel build support
1029 - Hashing table security fixes
1030
1031 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1032
1033 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1034 Initial import of hardened-sources-r2. This new
1035 ebuild includes many new performance and security
1036 related patches. As in -r1, it will patch in
1037 LSM/SELinux if "selinux" is in USE, otherwise it
1038 will patch in GRSecurity. The following patches
1039 are included in this revision:
1040
1041 - O(1) Scheduler, Low Latency, and Preempt
1042 (pulled from the base CK patch)
1043 - ptrace exploit patch for the LSM kernel
1044 (the GRSec patch already fixes this)
1045 - LSM 2.4-2003040709
1046 - SELinux 2.4-2003040709
1047 - Systrace v1.2
1048 - IPTables patch-o-matic base patches - 20030107
1049 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1050 - Super FreeS/WAN 1.99.6.1
1051 - GRSecurity 1.9.9g
1052 - MPPE
1053 - EXT3 data journal fix
1054 - CIPE 1.5.4
1055
1056 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1057 hardened-sources-2.4.20-r1.ebuild, manifest:
1058 Updated to install flask components correctly for selinux.
1059
1060 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1061 hardened-sources-2.4.20-r1.ebuild:
1062 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1063 is patched in instead. Ptrace patches for selinux have also been added. In
1064 either case, systrace support will be patched in as well.
1065
1066 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1067 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1068 Revision bump for new sources.
1069
1070 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1071 hardened-sources-2.4.20-r1.ebuild:
1072 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1073
1074 *hardened-sources-2.4.20 (30 Mar 2003)
1075
1076 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1077 hardened-sources-2.4.20.ebuild:
1078 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20