/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.185 - (show annotations) (download)
Mon Sep 24 17:27:56 2007 UTC (7 years, 11 months ago) by phreak
Branch: MAIN
Changes since 1.184: +5 -1 lines
Cleaning up further.
(Portage version: 2.1.3.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.184 2007/09/24 17:26:06 phreak Exp $
4
5 24 Sep 2007; Christian Heim <phreak@gentoo.org>
6 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
7 Cleaning up further.
8
9 *hardened-sources-2.6.20-r10 (24 Sep 2007)
10
11 24 Sep 2007; Christian Heim <phreak@gentoo.org>
12 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
13 +hardened-sources-2.6.20-r10.ebuild:
14 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
15 revisions.
16
17 *hardened-sources-2.6.22-r5 (22 Sep 2007)
18
19 22 Sep 2007; Christian Heim <phreak@gentoo.org>
20 +hardened-sources-2.6.22-r5.ebuild:
21 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
22
23 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
24 Removing johnm from metadata.xml (see #186467 for reference).
25
26 *hardened-sources-2.6.22-r4 (17 Sep 2007)
27
28 17 Sep 2007; Christian Heim <phreak@gentoo.org>
29 +hardened-sources-2.6.22-r4.ebuild:
30 Revision bump, hopefully fixing all those weird PAX failures.
31
32 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
33 Updating the metadata.xml.
34
35 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
36 Removing tocharian from metadata due to his retirement (see #71718 for
37 reference).
38
39 *hardened-sources-2.6.20-r9 (30 Aug 2007)
40
41 30 Aug 2007; Christian Heim <phreak@gentoo.org>
42 +hardened-sources-2.6.20-r9.ebuild:
43 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
44
45 29 Aug 2007; Christian Heim <phreak@gentoo.org>
46 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
47 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
48 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
49 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
50 -hardened-sources-2.6.22-r2.ebuild:
51 Removing some redundant versions.
52
53 *hardened-sources-2.4.35-r1 (29 Aug 2007)
54
55 29 Aug 2007; Christian Heim <phreak@gentoo.org>
56 +hardened-sources-2.4.35-r1.ebuild:
57 Revision bump, new grsecurity patch.
58
59 *hardened-sources-2.6.20-r8 (26 Aug 2007)
60
61 26 Aug 2007; Christian Heim <phreak@gentoo.org>
62 +hardened-sources-2.6.20-r8.ebuild:
63 Revision bump for Linux 2.6.20.17.
64
65 *hardened-sources-2.6.22-r3 (22 Aug 2007)
66
67 22 Aug 2007; Christian Heim <phreak@gentoo.org>
68 +hardened-sources-2.6.22-r3.ebuild:
69 Revision bump for Linux 2.6.22.4.
70
71 16 Aug 2007; Christian Heim <phreak@gentoo.org>
72 hardened-sources-2.6.22-r2.ebuild:
73 Updated patchset, to fix the alignment against 2.6.22.3.
74
75 *hardened-sources-2.6.22-r2 (16 Aug 2007)
76
77 16 Aug 2007; Christian Heim <phreak@gentoo.org>
78 +hardened-sources-2.6.22-r2.ebuild:
79 Revision bump for Linux 2.6.22.3.
80
81 *hardened-sources-2.4.35 (16 Aug 2007)
82
83 16 Aug 2007; Christian Heim <phreak@gentoo.org>
84 +hardened-sources-2.4.35.ebuild:
85 Version bump, initial version for Linux 2.4.35.
86
87 *hardened-sources-2.6.21-r4 (16 Aug 2007)
88
89 16 Aug 2007; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.21-r4.ebuild:
91 Revision bump for Linux 2.6.21.6.
92
93 *hardened-sources-2.6.20-r7 (16 Aug 2007)
94
95 16 Aug 2007; Christian Heim <phreak@gentoo.org>
96 +hardened-sources-2.6.20-r7.ebuild:
97 Revision bump for Linux 2.6.20.16.
98
99 *hardened-sources-2.6.22-r1 (13 Aug 2007)
100
101 13 Aug 2007; Christian Heim <phreak@gentoo.org>
102 +hardened-sources-2.6.22-r1.ebuild:
103 Yet another revision bump.
104
105 *hardened-sources-2.6.22 (10 Aug 2007)
106
107 10 Aug 2007; Christian Heim <phreak@gentoo.org>
108 +hardened-sources-2.6.22.ebuild:
109 Initial release for 2.6.22. If you are using hardened-sources on a desktop
110 machine (P4 or newer), be aware you might need to disable
111 CONFIG_PAX_PAGEEXEC.
112
113 04 Aug 2007; Christian Heim <phreak@gentoo.org>
114 hardened-sources-2.6.20-r6.ebuild:
115 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
116 2.6.20.15.
117
118 10 Jul 2007; Christian Heim <phreak@gentoo.org>
119 hardened-sources-2.6.20-r5.ebuild:
120 Marking hardened-sources-2.6.20-r5 stable on ppc.
121
122 10 Jul 2007; Christian Heim <phreak@gentoo.org>
123 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
124 Cleanup.
125
126 *hardened-sources-2.6.20-r6 (08 Jul 2007)
127
128 08 Jul 2007; Christian Heim <phreak@gentoo.org>
129 +hardened-sources-2.6.20-r6.ebuild:
130 Revision bump, grabbing yet another stable release.
131
132 17 Jun 2007; Christian Heim <phreak@gentoo.org>
133 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
134 -hardened-sources-2.6.21-r2.ebuild:
135 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
136 alpha stable KEYWORD by mistake.
137
138 17 Jun 2007; Christian Heim <phreak@gentoo.org>
139 hardened-sources-2.6.20-r5.ebuild:
140 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
141 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
142
143 *hardened-sources-2.6.21-r3 (12 Jun 2007)
144
145 12 Jun 2007; Christian Heim <phreak@gentoo.org>
146 +hardened-sources-2.6.21-r3.ebuild:
147 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
148 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
149 love.
150
151 *hardened-sources-2.6.20-r5 (11 Jun 2007)
152
153 11 Jun 2007; Christian Heim <phreak@gentoo.org>
154 +hardened-sources-2.6.20-r5.ebuild:
155 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
156 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
157 love.
158
159 *hardened-sources-2.4.34.5 (11 Jun 2007)
160
161 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
162 +hardened-sources-2.4.34.5.ebuild:
163 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
164
165 30 May 2007; Christian Heim <phreak@gentoo.org>
166 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
167 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
168 stale ebuild(s).
169
170 30 May 2007; Christian Heim <phreak@gentoo.org>
171 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
172 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
173 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
174 Doing some cleanups, remove stale ebuilds.
175
176 26 May 2007; Christian Heim <phreak@gentoo.org>
177 hardened-sources-2.6.21-r2.ebuild:
178 Fixing the grsecurity patch, had one '};' too much.
179
180 *hardened-sources-2.6.21-r2 (26 May 2007)
181
182 26 May 2007; Christian Heim <phreak@gentoo.org>
183 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
184 +hardened-sources-2.6.21-r2.ebuild:
185 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
186 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
187
188 *hardened-sources-2.6.20-r4 (26 May 2007)
189
190 26 May 2007; Christian Heim <phreak@gentoo.org>
191 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
192 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
193 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
194
195 15 May 2007; Christian Heim <phreak@gentoo.org>
196 hardened-sources-2.6.20-r3.ebuild:
197 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
198 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
199 grsecurity patch fail in that exact same hunk.
200
201 *hardened-sources-2.6.20-r3 (15 May 2007)
202
203 15 May 2007; Christian Heim <phreak@gentoo.org>
204 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
205 Revision bump, incorporating Linux 2.6.20.11.
206
207 *hardened-sources-2.6.21-r1 (11 May 2007)
208
209 11 May 2007; Christian Heim <phreak@gentoo.org>
210 +hardened-sources-2.6.21-r1.ebuild:
211 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
212 mentioned in #177234.
213
214 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
215 files/digest-hardened-sources-2.6.21, Manifest:
216 Fix Manifest/digest for linux-2.6.21.tar.bz2
217
218 06 May 2007; Christian Heim <phreak@gentoo.org>
219 hardened-sources-2.6.21.ebuild:
220 Bumping the hardened-patches version, needed for the fix for #177234.
221
222 *hardened-sources-2.6.21 (02 May 2007)
223
224 02 May 2007; Christian Heim <phreak@gentoo.org>
225 +hardened-sources-2.6.21.ebuild:
226 Version bump, Linux 2.6.21-hardened.
227
228 29 Apr 2007; Christian Heim <phreak@gentoo.org>
229 hardened-sources-2.6.20-r2.ebuild:
230 Adding ~ia64 on Ned's request.
231
232 29 Apr 2007; Christian Heim <phreak@gentoo.org>
233 hardened-sources-2.6.20-r2.ebuild:
234 Fixing the included grsecurity patch, wasn't alligning due to the Index:
235 header line(s).
236
237 29 Apr 2007; Christian Heim <phreak@gentoo.org>
238 hardened-sources-2.6.20-r2.ebuild:
239 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
240
241 *hardened-sources-2.6.20-r2 (10 Apr 2007)
242
243 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
244 +hardened-sources-2.6.20-r2.ebuild:
245 Version bump, on behalf of phreak
246
247 *hardened-sources-2.6.20-r1 (04 Apr 2007)
248
249 04 Apr 2007; Christian Heim <phreak@gentoo.org>
250 +hardened-sources-2.6.20-r1.ebuild:
251 Revision bump, grabbing a newer grsecurity snapshot.
252
253 *hardened-sources-2.6.20 (25 Mar 2007)
254
255 25 Mar 2007; Christian Heim <phreak@gentoo.org>
256 +hardened-sources-2.6.20.ebuild:
257 Finally a hardened-sources version for 2.6.20; many people have been waiting
258 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
259 testbox.
260
261 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
262 hardened-sources-2.6.18-r6.ebuild:
263 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
264
265 *hardened-sources-2.6.18-r6 (16 Mar 2007)
266
267 16 Mar 2007; Christian Heim <phreak@gentoo.org>
268 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
269 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
270 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
271 supposed to be.
272
273 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
274 Fixing the Manifest, the previous one was broken (as in still had the
275 deleted ebuild in it).
276
277 06 Mar 2007; Christian Heim <phreak@gentoo.org>
278 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
279 +hardened-sources-2.6.18-r5.ebuild:
280 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
281 Linux 2.6.18.8. Also cleaning up the older version.
282
283 *hardened-sources-2.6.18-r5 (06 Mar 2007)
284
285 06 Mar 2007; Christian Heim <phreak@gentoo.org>
286 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
287 +hardened-sources-2.6.18-r5.ebuild:
288 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
289 Linux 2.6.18.8. Also cleaning up the older version.
290
291 24 Feb 2007; Christian Heim <phreak@gentoo.org>
292 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
293 -hardened-sources-2.6.19-r5.ebuild:
294 Removing some of the old version, that didn't work.
295
296 *hardened-sources-2.6.19-r6 (12 Feb 2007)
297
298 12 Feb 2007; Christian Heim <phreak@gentoo.org>
299 +hardened-sources-2.6.19-r6.ebuild:
300 Revision bump, including a new grsec version fixing #166235.
301
302 *hardened-sources-2.4.34 (24 Jan 2007)
303
304 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
305 Manifest:
306 updating Manifest with checksums of new tarball and ebuild
307
308 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
309 +hardened-sources-2.4.34.ebuild:
310 I added new hardened sources 2.4 update, this is a critical path
311 security bugfix - all users of h-s are strongly advised
312 to update their existing hardened sources to this version.
313 It contains a fix for a kernel vulnerability that is pertaining
314 to the PaX changes to virtual memory management, possibly leading
315 to a local kernel exploit ... see grsecurity.net forums and homepage
316
317 23 Jan 2007; Christian Heim <phreak@gentoo.org>
318 files/digest-hardened-sources-2.6.19-r5, Manifest:
319 Fixing the patch-tarball digest.
320
321 *hardened-sources-2.6.19-r5 (23 Jan 2007)
322
323 23 Jan 2007; Christian Heim <phreak@gentoo.org>
324 +hardened-sources-2.6.19-r5.ebuild:
325 Revision bump, closing the recently discovered PaX expand_stack()
326 vulnerability.
327
328 *hardened-sources-2.6.19-r4 (14 Jan 2007)
329
330 14 Jan 2007; Christian Heim <phreak@gentoo.org>
331 +hardened-sources-2.6.19-r4.ebuild:
332 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
333 dropping the randomized PID feature.
334
335 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
336 hardened-sources-2.4.33.4.ebuild:
337 stable x86, bug #161171
338
339 *hardened-sources-2.6.19-r3 (27 Dec 2006)
340
341 27 Dec 2006; Christian Heim <phreak@gentoo.org>
342 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
343 Revision bump for bug #157186 and #158786.
344
345 *hardened-sources-2.6.18-r4 (27 Dec 2006)
346
347 27 Dec 2006; Christian Heim <phreak@gentoo.org>
348 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
349 Revision bump for bug #157186.
350
351 *hardened-sources-2.6.19-r2 (23 Dec 2006)
352
353 23 Dec 2006; Christian Heim <phreak@gentoo.org>
354 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
355 Revision bump to pull in genpatches-2.6.19-3 for #157186.
356
357 17 Dec 2006; Christian Heim <phreak@gentoo.org>
358 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
359 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
360 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
361 hardened-sources-2.6.19-r1.ebuild:
362 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
363 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
364
365 *hardened-sources-2.4.33.4 (17 Dec 2006)
366
367 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
368 +hardened-sources-2.4.33.4.ebuild:
369 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
370 and quilting
371
372 *hardened-sources-2.6.19-r1 (14 Dec 2006)
373
374 14 Dec 2006; Christian Heim <phreak@gentoo.org>
375 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
376 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
377 for reporting).
378
379 *hardened-sources-2.6.19 (13 Dec 2006)
380
381 13 Dec 2006; Christian Heim <phreak@gentoo.org>
382 +hardened-sources-2.6.19.ebuild:
383 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
384 Brad for providing that prompt update.
385
386 *hardened-sources-2.6.18-r3 (13 Dec 2006)
387
388 13 Dec 2006; Christian Heim <phreak@gentoo.org>
389 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
390 +hardened-sources-2.6.18-r3.ebuild:
391 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
392 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
393
394 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
395 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
396
397 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
398 Stable on ppc wrt bug 157356
399
400 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
401 hardened-sources-2.6.18.ebuild:
402 stable x86, bug #157356
403
404 *hardened-sources-2.6.18-r2 (06 Dec 2006)
405
406 06 Dec 2006; Christian Heim <phreak@gentoo.org>
407 +hardened-sources-2.6.18-r2.ebuild:
408 Revision bump, including 2.6.18.5 (via genpatches) and
409 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
410 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
411 redesign.
412
413 06 Dec 2006; Christian Heim <phreak@gentoo.org>
414 hardened-sources-2.6.18.ebuild:
415 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
416 of Mike Doty).
417
418 *hardened-sources-2.6.18-r1 (23 Nov 2006)
419
420 23 Nov 2006; Christian Heim <phreak@gentoo.org>
421 +hardened-sources-2.6.18-r1.ebuild:
422 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
423
424 *hardened-sources-2.6.18 (11 Nov 2006)
425
426 11 Nov 2006; Christian Heim <phreak@gentoo.org>
427 +hardened-sources-2.6.18.ebuild:
428 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
429
430 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
431 - mark amd64 stable also. bug #151877
432
433 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
434 - mark 2.6.17-r1 stable
435
436 27 Aug 2006; Christian Heim <phreak@gentoo.org>
437 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
438 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
439
440 *hardened-sources-2.6.17-r1 (26 Aug 2006)
441
442 26 Aug 2006; Christian Heim <phreak@gentoo.org>
443 +hardened-sources-2.6.17-r1.ebuild:
444 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
445 grsecurity patch.
446
447 *hardened-sources-2.6.17 (17 Aug 2006)
448
449 17 Aug 2006; Christian Heim <phreak@gentoo.org>
450 +hardened-sources-2.6.17.ebuild:
451 Bumping the hardened-sources-2.6 series to 2.6.17, using
452 genpatches-2.6.17-6.base.
453
454 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
455 - stable on x86 and amd64
456
457 *hardened-sources-2.6.16-r11 (15 Jul 2006)
458
459 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
460 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
461 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
462 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
463 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
464 crusty ebuilds
465
466 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
467 hardened-sources-2.6.16-r10.ebuild:
468 marking stable on x86 and amd64
469
470 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
471 - 2.4.32-r6 stable on x86. RSBAC state unknown
472
473 *hardened-sources-2.4.32-r7 (10 Jul 2006)
474
475 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
476 +hardened-sources-2.4.32-r7.ebuild:
477 Bump PaX for RSBAC to test-17
478
479 *hardened-sources-2.6.16-r9 (03 Jul 2006)
480
481 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
482 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
483 hardened-sources-2.6.16 bump to latest -base.
484
485 *hardened-sources-2.4.32-r6 (30 Jun 2006)
486
487 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
488 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
489 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
490 sysctl controlable resource logging
491
492 *hardened-sources-2.6.16-r7 (05 Jun 2006)
493
494 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
495 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
496 push new 2.6.16 release in preparation for stable
497
498 22 May 2006; <solar@gentoo.org> :
499 - redigest bug 134002
500
501 *hardened-sources-2.4.32-r5 (16 May 2006)
502
503 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
504 +hardened-sources-2.4.32-r5.ebuild:
505 Fixes rsbac common patching (new patch in new -r5 patchset)
506
507 *hardened-sources-2.4.32-r4 (13 May 2006)
508
509 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
510 +hardened-sources-2.4.32-r4.ebuild:
511 - security bumps
512
513 *hardened-sources-2.6.16-r6 (03 May 2006)
514
515 03 May 2006; John Mylchreest <johnm@gentoo.org>
516 +hardened-sources-2.6.16-r6.ebuild:
517 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
518
519 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
520 hardened-sources-2.6.14-r8.ebuild:
521 fix x86_64 build problem, this will delay the digest issue again for a short
522 while but it will sort itself out
523
524 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
525 hardened-sources-2.6.14-r8.ebuild:
526 bump hardened patchset
527
528 27 Apr 2006; Alec Warner <antarus@gentoo.org>
529 files/digest-hardened-sources-2.4.32-r2,
530 files/digest-hardened-sources-2.4.32-r3,
531 files/digest-hardened-sources-2.6.14-r8, Manifest:
532 Fixing duff SHA256 digests: Bug # 131293
533
534 *hardened-sources-2.6.16-r5 (27 Apr 2006)
535
536 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
537 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
538 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
539 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
540 cleanup of old uneccessary sources
541
542 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
543 fix digest
544
545 *hardened-sources-2.6.14-r8 (20 Apr 2006)
546
547 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
548 +hardened-sources-2.6.14-r8.ebuild:
549 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
550
551 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
552 Turning on gpg-signing again, and recomitting
553
554 *hardened-sources-2.6.16-r4 (20 Apr 2006)
555
556 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
557 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
558 +hardened-sources-2.6.16-r4.ebuild:
559 Fix numerous security vulns
560
561 *hardened-sources-2.4.32-r3 (16 Apr 2006)
562
563 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
564 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
565 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
566 - security bump for bug #112791. Removed old ebuilds
567
568 *hardened-sources-2.6.16-r3 (15 Apr 2006)
569
570 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
571 +hardened-sources-2.6.16-r3.ebuild:
572 Removing silly localversion which I missed
573
574 *hardened-sources-2.6.14-r7 (14 Apr 2006)
575
576 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
577 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
578 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
579
580 *hardened-sources-2.6.16-r2 (13 Apr 2006)
581
582 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
583 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
584 +hardened-sources-2.6.16-r2.ebuild:
585 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
586 labels, dropping USERGROUP define fixes, since these were merged mainstream.
587
588 *hardened-sources-2.6.16-r1 (11 Apr 2006)
589
590 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
591 +hardened-sources-2.6.16-r1.ebuild:
592 Bumping to include ppc build fix and 2.6.16.3
593
594 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
595 hardened-sources-2.6.14-r6.ebuild:
596 Stable on x86; bug #127718
597
598 *hardened-sources-2.6.16 (31 Mar 2006)
599
600 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
601 +hardened-sources-2.6.16.ebuild:
602 Bumping to new version of grsec, and kernel base. New squashfs. Based on
603 2.6.16.1
604
605 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
606 hardened-sources-2.6.14-r6.ebuild:
607 Stable on amd64, bug 127718.
608
609 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
610 Stable on ppc. Bug #127718
611
612 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
613 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
614 -hardened-sources-2.6.14-r4.ebuild:
615 Cleanup.
616
617 *hardened-sources-2.6.14-r6 (15 Mar 2006)
618
619 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
620 +hardened-sources-2.6.14-r6.ebuild:
621 Fixes grsec policy recreation bug and adds a
622 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
623
624 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
625 - stable on x86
626
627 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
628 hardened-sources-2.6.14-r5.ebuild:
629 Stable on ppc.
630
631 *hardened-sources-2.6.14-r5 (01 Feb 2006)
632
633 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
634 +hardened-sources-2.6.14-r5.ebuild:
635 fixing every known exploit
636
637 *hardened-sources-2.4.32-r2 (26 Jan 2006)
638
639 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
640 +hardened-sources-2.4.32-r2.ebuild:
641 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
642
643 *hardened-sources-2.6.14-r4 (12 Jan 2006)
644
645 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
646 - version bump for new genpatches which fix up a few sec holes
647
648 *hardened-sources-2.4.32-r1 (05 Jan 2006)
649
650 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
651 - revision bump to add misc vital linux kernel security patches.
652
653 *hardened-sources-2.6.14-r3 (30 Dec 2005)
654
655 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
656 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
657 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
658
659 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
660 hardened-sources-2.6.14-r2.ebuild:
661 making x86 & amd64 stable following testing.
662
663 *hardened-sources-2.6.14-r2 (27 Dec 2005)
664
665 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
666 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
667 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
668 network hooks.
669
670 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
671 hardened-sources-2.6.14-r1.ebuild:
672 bumping to stable early for sec fix on x86 & amd64
673
674 *hardened-sources-2.6.14-r1 (05 Dec 2005)
675
676 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
677 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
678 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
679
680 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
681 - stable on x86 security bug #114227 CAN-2005-3257
682
683 *hardened-sources-2.4.32 (19 Nov 2005)
684
685 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
686 +hardened-sources-2.4.32.ebuild:
687 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
688 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
689 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
690 rsbac >> /etc/portage/package.use)
691
692 *hardened-sources-2.6.14 (14 Nov 2005)
693
694 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
695 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
696 Bumping 2.6 series to 2.6.14.2
697
698 *hardened-sources-2.6.13-r2 (20 Oct 2005)
699
700 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
701 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
702 +hardened-sources-2.6.13-r2.ebuild:
703 Fixes minor build error in ppc.
704
705 *hardened-sources-2.6.13-r1 (17 Oct 2005)
706
707 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
708 +hardened-sources-2.6.13-r1.ebuild:
709 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
710 2.6.13.4, fixes some major amd64 stability problems.
711
712 *hardened-sources-2.6.13 (16 Sep 2005)
713
714 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
715 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
716 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
717 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
718 users should test this thoroughly.
719
720 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
721 - stable on x86
722
723 *hardened-sources-2.6.11-r15 (27 Jun 2005)
724
725 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
726 +hardened-sources-2.6.11-r15.ebuild:
727 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
728 grsec redefining curr_ip struct.
729
730 *hardened-sources-2.4.31 (20 Jun 2005)
731
732 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
733 initial import of 2.4.31 tree
734
735 *hardened-sources-2.6.11-r14 (14 Jun 2005)
736
737 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
738 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
739 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
740 naming scheme to abide by genpatches
741
742 *hardened-sources-2.6.11-r13 (18 May 2005)
743
744 18 May 2005; John Mylchreest <johnm@gentoo.org>
745 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
746 Managed to mangle the Makefile patch from grsec, to miss out the grsec
747 target. sorry about that. Fixes bug #93022
748
749 *hardened-sources-2.6.11-r12 (17 May 2005)
750
751 17 May 2005; John Mylchreest <johnm@gentoo.org>
752 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
753 +hardened-sources-2.6.11-r12.ebuild:
754 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
755 merges in genpatches-base
756
757 *hardened-sources-2.6.11-r12 (17 May 2005)
758
759 17 May 2005; John Mylchreest <johnm@gentoo.org>
760 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
761 +hardened-sources-2.6.11-r12.ebuild:
762 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
763 merges in genpatches-base
764
765 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
766 -files/2.4.27-cmdline-race.patch,
767 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
768 -files/2.4.28-grsec-binfmt_a.out.patch,
769 -files/2.4.28-grsec-cmdline-race.patch,
770 -files/2.4.28-selinux-binfmt_a.out.patch,
771 -files/2.4.28-selinux-cmdline-race.patch,
772 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
773 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
774 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
775 cleanup..
776
777 *hardened-sources-2.4.30-r1 (21 Apr 2005)
778
779 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
780 - disable aout by default
781
782 *hardened-sources-2.4.30 (18 Apr 2005)
783
784 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
785 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
786 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
787 use
788
789 *hardened-sources-2.4.29 (30 Mar 2005)
790
791 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
792 +hardened-sources-2.4.29.ebuild:
793 New hardened-patches-2.4-29.0 patchball.
794 Removed SELinux support, upgraded GRSecurity to 2.1.4.
795
796 *hardened-sources-2.4.28-r5 (06 Mar 2005)
797
798 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
799 +hardened-sources-2.4.28-r5.ebuild:
800 Added a fix for a PaX vulnerability.
801
802 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
803 hardened-sources-2.4.28-r4.ebuild:
804 Stable on x86
805
806 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
807 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
808 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
809 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
810 - fixed/added RDEPEND= in all kernel-2 ebuilds
811
812 *hardened-sources-2.4.28-r4 (21 Jan 2005)
813
814 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
815 +hardened-sources-2.4.28-r4.ebuild:
816 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
817 backport of neighbour hash updates.
818
819 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
820 hardened-sources-2.4.28-r3.ebuild:
821 Stable on x86
822
823 *hardened-sources-2.6.10-r3 (20 Jan 2005)
824
825 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
826 +hardened-sources-2.6.10-r3.ebuild:
827 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
828 in 2005.0
829
830 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
831 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
832 hardened-sources-2.4.28-r2.ebuild:
833 Mark stable on x86
834
835 *hardened-sources-2.4.28-r3 (17 Jan 2005)
836
837 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
838 +hardened-sources-2.4.28-r3.ebuild:
839 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
840
841 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
842 hardened-sources-2.4.28.ebuild:
843 Mark stable on x86.
844
845 *hardened-sources-2.4.28-r2 (13 Jan 2005)
846
847 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
848 +hardened-sources-2.4.28-r2.ebuild:
849 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
850 Mazinger for grsecurity patches as well.
851
852 *hardened-sources-2.4.28-r1 (23 Dec 2004)
853
854 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
855 Security bump. Thank tocharian for rolling a new patchset...
856
857 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
858 +files/2.4.28-grsec-cmdline-race.patch,
859 +files/2.4.28-selinux-binfmt_a.out.patch,
860 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
861 - Round up remaining security patches that appear to be missing in 2.4.28. -
862 PaX standalone updated to current. hgpv=28.1
863
864 *hardened-sources-2.4.28 (28 Nov 2004)
865
866 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
867 security bump. Thank tocharian for rolling a new patchset
868
869 *hardened-sources-2.4.27-r3 (08 Sep 2004)
870
871 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
872 +hardened-sources-2.4.27-r3.ebuild:
873 Applies the new 2.4-27.2 patchball which updates
874 GRSecurity to the 2.0.1 version.
875
876 *hardened-sources-2.4.27-r2 (31 Aug 2004)
877
878 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
879 +hardened-sources-2.4.27-r2.ebuild:
880 Version bump.
881 This version uses the new 2.4-27.1 patchball which updates
882 both the SELinux PaX hooks patch and the SELinux headers.
883
884 *hardened-sources-2.4.27-r1 (09 Aug 2004)
885
886 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
887 +hardened-sources-2.4.27-r1.ebuild,
888 -hardened-sources-2.4.27.ebuild,
889 +files/2.4.27-cmdline-race.patch:
890 Version bump, fix for cmdline race. See bug #59905.
891
892 *hardened-sources-2.4.26-r6 (09 Aug 2004)
893
894 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
895 +hardened-sources-2.4.26-r6.ebuild,
896 -hardened-sources-2.4.26-r5.ebuild,
897 -hardened-sources-2.4.26-r4.ebuild,
898 +files/2.4.26-cmdline-race.patch:
899 Version bump, fix for cmdline race. See bug #59905.
900
901 *hardened-sources-2.4.27 (08 Aug 2004)
902
903 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
904 +hardened-sources-2.4.27.ebuild,
905 +files/2.4.27-CAN-2004-0394.patch:
906 Ported the patchball to the 2.4.27 kernel version.
907
908 *hardened-sources-2.4.26-r5 (07 Aug 2004)
909
910 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
911 +hardened-sources-2.4.26-r5.ebuild:
912 Updated to use the new hardened-patches-2.4-26.1 patchball.
913 It adds the following features:
914 - Squashfs
915 - Ebtables
916 - Netdev random (core+drivers)
917 - Watchdog Timer (WDT) fix.
918
919 *hardened-sources-2.4.26-r4 (04 Aug 2004)
920
921 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
922 +hardened-sources-2.4.26-r4.ebuild,
923 +files/2.4.26-CAN-2004-0415.patch,
924 -hardened-sources-2.4.26-3:
925 Version bump, fix for CAN 0415, see bug #59378.
926
927 *hardened-sources-2.4.26-r3 (22 Jul 2004)
928
929 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
930 +hardened-sources-2.4.26-r3.ebuild,
931 +files/2.4.26-CAN-2004-0497.patch,
932 -hardened-sources-2.4.26-r2.ebuild:
933 Version bump, fixed CAN 0497, see bug #56171.
934
935 *hardened-sources-2.4.26-r2 (29 Jun 2004)
936
937 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
938 +hardened-sources-2.4.26-r2.ebuild,
939 +files/2.4.26-CAN-2004-0495.patch,
940 +files/2.4.26-CAN-2004-0535.patch,
941 -hardened-sources-2.4.26-r1.ebuild:
942 Fixes for both CAN 0495 and 0535, see bug #54976
943
944 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
945 hardened-sources-2.4.26-r1.ebuild:
946 QA - fix use invocation
947
948 *hardened-sources-2.4.26-r1 (22 June 2004)
949
950 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
951 +hardened-sources-2.4.26-r1.ebuild,
952 +files/2.4.26-CAN-2004-0394.patch,
953 +files/2.4.26-signal-race.patch,
954 -hardened-sources-2.4.26.ebuild,
955 -hardened-sources-2.4.24-r3.ebuild:
956 Version bump for the CAN-2004-0394 issue and bug #53804
957 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
958
959
960 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
961 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
962 Masked hardened-sources-2.4.26.ebuild broken for ppc
963
964 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
965 hardened-sources-2.4.24-r3.ebuild:
966 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
967
968 *hardened-sources-2.4.26 (29 May 2004)
969
970 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
971 +hardened-sources-2.4.26.ebuild:
972 Updated hardened-sources for the 2.4.26 kernel
973 Removed broken components, updated almost everything.
974
975 *hardened-sources-2.4.24-r3 (17 Apr 2004)
976
977 17 Apr 2004; <plasmaroo@gentoo.org>
978 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
979 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
980 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
981 +hardened-sources-2.4.24-r3.ebuild:
982 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
983 vulnerabilities. Old revisions removed.
984
985 *hardened-sources-2.4.24-r2 (15 Apr 2004)
986
987 15 Apr 2004; <plasmaroo@gentoo.org>
988 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
989 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
990 Version bump for the CAN-2004-0109 issue; bug #47881.
991
992 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
993 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
994 Add eutils to inherit.
995
996 *hardened-sources-2.4.24-r1 (19 Feb 2004)
997
998 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
999 files/hardened-sources-2.4.24.munmap.patch:
1000 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1001
1002 *hardened-sources-2.4.24 (06 Feb 2004)
1003
1004 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1005 hardened-sources-2.4.24.ebuild:
1006 Version bump, updated most of the components.
1007 This release includes the following:
1008
1009 - Hardened security
1010 - Netfilter patch-o-matic 20031219
1011 - FreeSWAN 2.04 & x509 1.4.8
1012 - EVMS 2.2.2
1013 - XFS 1.3.1
1014 - cryptoloop jari
1015 - grsecurity 2.0-rc4
1016 - SELinux
1017 - PaX 200402060000
1018 - PaX Obscurity 200308302223
1019 - Others...
1020
1021 Neither -ck nor systrace are included anymore.
1022
1023 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1024
1025 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1026 hardened-sources-2.4.22-r2.ebuild:
1027 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1028
1029 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1030
1031 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1032 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1033
1034 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1035 hardened-sources-2.4.22-r1.ebuild:
1036 Version bump for the 'do_brk' vulnerability.
1037
1038 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1039 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1040 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1041 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1042 Fix the 'do_brk' vulnerability.
1043
1044 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1045 hardened-sources-2.4.22.ebuild:
1046 - Removed the src_install() portion for SELinux flask
1047 components. These are no longer handled in the kernel
1048 so this code was not necessary.
1049
1050 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1051 New 2.4.22 based hardened-sources thanks to
1052 Phil West <p.west@computer.org>.
1053
1054 These sources include:
1055 - New SELinux API
1056 - Updated CK-base
1057 - Updated GRSec
1058 - Systrace
1059 - SuperFreeS/WAN 1.99.8
1060 - Propolice kernel build support
1061 - EVMS
1062 - Other various security related patches
1063
1064 *hardened-sources-2.4.21 (14 Sep 2003)
1065
1066 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1067 Updated hardened-sources based on the 2.4.21 Linux kernel.
1068 This includes updates to most major components such as:
1069 - ck-base-0306300059
1070 - selinux-2.4-2003071106
1071 - grsecurity-2.0-rc1
1072 - Updated IPTables patch-o-matic
1073 - Updated SuperFreeS/WAN
1074
1075 Thanks to Phil West <pwest@computer.org> for his work in getting this
1076 updated patch set ready for the 2.4.21 based kernel.
1077
1078 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1079 Initial import of hardened-sources-2.4.20-r4. This revision
1080 includes only a few changes, but one of these is an important
1081 security fix. It is recommended all users of hardened-sources
1082 upgrade to this release.
1083
1084 - ioperm bug fix
1085 - fixed compilation failure when building without GRSec
1086
1087 SAL (Secure Auditing for Linux) is NOT included in this revision
1088 due to time constraints, but is planned for inclusion in the near
1089 future.
1090
1091 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1092
1093 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1094 hardened-sources-2.4.20-r3.ebuild:
1095 Add Header...
1096
1097 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1098 hardened-sources-2.4.20-r3.ebuild:
1099 Removed warnings from ebuild. This kernel should be safe to
1100 use at this point.
1101
1102 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1103
1104 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1105 hardened-sources-2.4.20-r3.ebuild:
1106 New revision. Includes the following changes over -r2:
1107
1108 - ck7-base (O(1), preempt, low latency)
1109 - Super FreeS/WAN 1.99.7rc2
1110 - PaX for the LSM/SELinux branch
1111 - GRSecurity 2.0-pre4 (role based access control)
1112 - Systrace 1.3
1113 - EXT3 fixes
1114 - EVMS 2.0.1
1115 - GCC 3.1+ compile optimizations
1116 - ProPolice kernel build support
1117 - Hashing table security fixes
1118
1119 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1120
1121 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1122 Initial import of hardened-sources-r2. This new
1123 ebuild includes many new performance and security
1124 related patches. As in -r1, it will patch in
1125 LSM/SELinux if "selinux" is in USE, otherwise it
1126 will patch in GRSecurity. The following patches
1127 are included in this revision:
1128
1129 - O(1) Scheduler, Low Latency, and Preempt
1130 (pulled from the base CK patch)
1131 - ptrace exploit patch for the LSM kernel
1132 (the GRSec patch already fixes this)
1133 - LSM 2.4-2003040709
1134 - SELinux 2.4-2003040709
1135 - Systrace v1.2
1136 - IPTables patch-o-matic base patches - 20030107
1137 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1138 - Super FreeS/WAN 1.99.6.1
1139 - GRSecurity 1.9.9g
1140 - MPPE
1141 - EXT3 data journal fix
1142 - CIPE 1.5.4
1143
1144 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1145 hardened-sources-2.4.20-r1.ebuild, manifest:
1146 Updated to install flask components correctly for selinux.
1147
1148 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1149 hardened-sources-2.4.20-r1.ebuild:
1150 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1151 is patched in instead. Ptrace patches for selinux have also been added. In
1152 either case, systrace support will be patched in as well.
1153
1154 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1155 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1156 Revision bump for new sources.
1157
1158 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1159 hardened-sources-2.4.20-r1.ebuild:
1160 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1161
1162 *hardened-sources-2.4.20 (30 Mar 2003)
1163
1164 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1165 hardened-sources-2.4.20.ebuild:
1166 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20