/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.198 - (show annotations) (download)
Sun Nov 25 18:25:39 2007 UTC (7 years, 7 months ago) by phreak
Branch: MAIN
Changes since 1.197: +7 -1 lines
Updated patchset, thanks to solar.
(Portage version: 2.1.3.9)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.197 2007/10/31 12:48:57 phreak Exp $
4
5 *hardened-sources-2.6.23-r2 (25 Nov 2007)
6
7 25 Nov 2007; Christian Heim <phreak@gentoo.org>
8 +hardened-sources-2.6.23-r2.ebuild:
9 Updated patchset, thanks to solar.
10
11 *hardened-sources-2.6.23-r1 (31 Oct 2007)
12
13 31 Oct 2007; Christian Heim <phreak@gentoo.org>
14 +hardened-sources-2.6.23-r1.ebuild:
15 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
16
17 29 Oct 2007; <solar@gentoo.org> metadata.xml:
18 - update metadata.xml
19
20 25 Oct 2007; Christian Heim <phreak@gentoo.org>
21 hardened-sources-2.6.22-r8.ebuild:
22 Marking 2.6.22-r8 stable on amd64 and x86.
23
24 21 Oct 2007; Christian Heim <phreak@gentoo.org>
25 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
26 -hardened-sources-2.6.21-r4.ebuild:
27 Removing old ebuilds.
28
29 *hardened-sources-2.4.35-r2 (21 Oct 2007)
30
31 21 Oct 2007; Christian Heim <phreak@gentoo.org>
32 +hardened-sources-2.4.35-r2.ebuild:
33 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
34 patches.
35
36 *hardened-sources-2.6.22-r8 (21 Oct 2007)
37
38 21 Oct 2007; Christian Heim <phreak@gentoo.org>
39 +hardened-sources-2.6.22-r8.ebuild:
40 Yet another new patch, hopefully fixing the remaining issues we had w/
41 2.6.22. Candidate for stabling.
42
43 *hardened-sources-2.6.23 (13 Oct 2007)
44
45 13 Oct 2007; Christian Heim <phreak@gentoo.org>
46 +hardened-sources-2.6.23.ebuild:
47 Initial hardened-sources-2.6.23. If people still have problems w/ bug
48 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
49
50 11 Oct 2007; Christian Heim <phreak@gentoo.org>
51 hardened-sources-2.6.20-r10.ebuild:
52 Pulling in yet another new genpatches version, fixing the PWC bug for real.
53
54 04 Oct 2007; Christian Heim <phreak@gentoo.org>
55 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
56 Removing old versions.
57
58 *hardened-sources-2.6.22-r7 (01 Oct 2007)
59
60 01 Oct 2007; Christian Heim <phreak@gentoo.org>
61 +hardened-sources-2.6.22-r7.ebuild:
62 Revision bump, pulling in a newer patch. Should fix #194276.
63
64 30 Sep 2007; Christian Heim <phreak@gentoo.org>
65 hardened-sources-2.6.20-r10.ebuild:
66 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
67 Mike Doty).
68
69 *hardened-sources-2.6.22-r6 (26 Sep 2007)
70
71 26 Sep 2007; Christian Heim <phreak@gentoo.org>
72 +hardened-sources-2.6.22-r6.ebuild:
73 Revision bump, grabbing up till Linux 2.6.22.9.
74
75 24 Sep 2007; Christian Heim <phreak@gentoo.org>
76 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
77 Cleaning up further.
78
79 *hardened-sources-2.6.20-r10 (24 Sep 2007)
80
81 24 Sep 2007; Christian Heim <phreak@gentoo.org>
82 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
83 +hardened-sources-2.6.20-r10.ebuild:
84 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
85 revisions.
86
87 *hardened-sources-2.6.22-r5 (22 Sep 2007)
88
89 22 Sep 2007; Christian Heim <phreak@gentoo.org>
90 +hardened-sources-2.6.22-r5.ebuild:
91 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
92
93 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
94 Removing johnm from metadata.xml (see #186467 for reference).
95
96 *hardened-sources-2.6.22-r4 (17 Sep 2007)
97
98 17 Sep 2007; Christian Heim <phreak@gentoo.org>
99 +hardened-sources-2.6.22-r4.ebuild:
100 Revision bump, hopefully fixing all those weird PAX failures.
101
102 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
103 Updating the metadata.xml.
104
105 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
106 Removing tocharian from metadata due to his retirement (see #71718 for
107 reference).
108
109 *hardened-sources-2.6.20-r9 (30 Aug 2007)
110
111 30 Aug 2007; Christian Heim <phreak@gentoo.org>
112 +hardened-sources-2.6.20-r9.ebuild:
113 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
114
115 29 Aug 2007; Christian Heim <phreak@gentoo.org>
116 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
117 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
118 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
119 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
120 -hardened-sources-2.6.22-r2.ebuild:
121 Removing some redundant versions.
122
123 *hardened-sources-2.4.35-r1 (29 Aug 2007)
124
125 29 Aug 2007; Christian Heim <phreak@gentoo.org>
126 +hardened-sources-2.4.35-r1.ebuild:
127 Revision bump, new grsecurity patch.
128
129 *hardened-sources-2.6.20-r8 (26 Aug 2007)
130
131 26 Aug 2007; Christian Heim <phreak@gentoo.org>
132 +hardened-sources-2.6.20-r8.ebuild:
133 Revision bump for Linux 2.6.20.17.
134
135 *hardened-sources-2.6.22-r3 (22 Aug 2007)
136
137 22 Aug 2007; Christian Heim <phreak@gentoo.org>
138 +hardened-sources-2.6.22-r3.ebuild:
139 Revision bump for Linux 2.6.22.4.
140
141 16 Aug 2007; Christian Heim <phreak@gentoo.org>
142 hardened-sources-2.6.22-r2.ebuild:
143 Updated patchset, to fix the alignment against 2.6.22.3.
144
145 *hardened-sources-2.6.22-r2 (16 Aug 2007)
146
147 16 Aug 2007; Christian Heim <phreak@gentoo.org>
148 +hardened-sources-2.6.22-r2.ebuild:
149 Revision bump for Linux 2.6.22.3.
150
151 *hardened-sources-2.4.35 (16 Aug 2007)
152
153 16 Aug 2007; Christian Heim <phreak@gentoo.org>
154 +hardened-sources-2.4.35.ebuild:
155 Version bump, initial version for Linux 2.4.35.
156
157 *hardened-sources-2.6.21-r4 (16 Aug 2007)
158
159 16 Aug 2007; Christian Heim <phreak@gentoo.org>
160 +hardened-sources-2.6.21-r4.ebuild:
161 Revision bump for Linux 2.6.21.6.
162
163 *hardened-sources-2.6.20-r7 (16 Aug 2007)
164
165 16 Aug 2007; Christian Heim <phreak@gentoo.org>
166 +hardened-sources-2.6.20-r7.ebuild:
167 Revision bump for Linux 2.6.20.16.
168
169 *hardened-sources-2.6.22-r1 (13 Aug 2007)
170
171 13 Aug 2007; Christian Heim <phreak@gentoo.org>
172 +hardened-sources-2.6.22-r1.ebuild:
173 Yet another revision bump.
174
175 *hardened-sources-2.6.22 (10 Aug 2007)
176
177 10 Aug 2007; Christian Heim <phreak@gentoo.org>
178 +hardened-sources-2.6.22.ebuild:
179 Initial release for 2.6.22. If you are using hardened-sources on a desktop
180 machine (P4 or newer), be aware you might need to disable
181 CONFIG_PAX_PAGEEXEC.
182
183 04 Aug 2007; Christian Heim <phreak@gentoo.org>
184 hardened-sources-2.6.20-r6.ebuild:
185 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
186 2.6.20.15.
187
188 10 Jul 2007; Christian Heim <phreak@gentoo.org>
189 hardened-sources-2.6.20-r5.ebuild:
190 Marking hardened-sources-2.6.20-r5 stable on ppc.
191
192 10 Jul 2007; Christian Heim <phreak@gentoo.org>
193 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
194 Cleanup.
195
196 *hardened-sources-2.6.20-r6 (08 Jul 2007)
197
198 08 Jul 2007; Christian Heim <phreak@gentoo.org>
199 +hardened-sources-2.6.20-r6.ebuild:
200 Revision bump, grabbing yet another stable release.
201
202 17 Jun 2007; Christian Heim <phreak@gentoo.org>
203 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
204 -hardened-sources-2.6.21-r2.ebuild:
205 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
206 alpha stable KEYWORD by mistake.
207
208 17 Jun 2007; Christian Heim <phreak@gentoo.org>
209 hardened-sources-2.6.20-r5.ebuild:
210 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
211 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
212
213 *hardened-sources-2.6.21-r3 (12 Jun 2007)
214
215 12 Jun 2007; Christian Heim <phreak@gentoo.org>
216 +hardened-sources-2.6.21-r3.ebuild:
217 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
218 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
219 love.
220
221 *hardened-sources-2.6.20-r5 (11 Jun 2007)
222
223 11 Jun 2007; Christian Heim <phreak@gentoo.org>
224 +hardened-sources-2.6.20-r5.ebuild:
225 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
226 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
227 love.
228
229 *hardened-sources-2.4.34.5 (11 Jun 2007)
230
231 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
232 +hardened-sources-2.4.34.5.ebuild:
233 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
234
235 30 May 2007; Christian Heim <phreak@gentoo.org>
236 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
237 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
238 stale ebuild(s).
239
240 30 May 2007; Christian Heim <phreak@gentoo.org>
241 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
242 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
243 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
244 Doing some cleanups, remove stale ebuilds.
245
246 26 May 2007; Christian Heim <phreak@gentoo.org>
247 hardened-sources-2.6.21-r2.ebuild:
248 Fixing the grsecurity patch, had one '};' too much.
249
250 *hardened-sources-2.6.21-r2 (26 May 2007)
251
252 26 May 2007; Christian Heim <phreak@gentoo.org>
253 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
254 +hardened-sources-2.6.21-r2.ebuild:
255 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
256 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
257
258 *hardened-sources-2.6.20-r4 (26 May 2007)
259
260 26 May 2007; Christian Heim <phreak@gentoo.org>
261 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
262 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
263 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
264
265 15 May 2007; Christian Heim <phreak@gentoo.org>
266 hardened-sources-2.6.20-r3.ebuild:
267 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
268 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
269 grsecurity patch fail in that exact same hunk.
270
271 *hardened-sources-2.6.20-r3 (15 May 2007)
272
273 15 May 2007; Christian Heim <phreak@gentoo.org>
274 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
275 Revision bump, incorporating Linux 2.6.20.11.
276
277 *hardened-sources-2.6.21-r1 (11 May 2007)
278
279 11 May 2007; Christian Heim <phreak@gentoo.org>
280 +hardened-sources-2.6.21-r1.ebuild:
281 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
282 mentioned in #177234.
283
284 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
285 files/digest-hardened-sources-2.6.21, Manifest:
286 Fix Manifest/digest for linux-2.6.21.tar.bz2
287
288 06 May 2007; Christian Heim <phreak@gentoo.org>
289 hardened-sources-2.6.21.ebuild:
290 Bumping the hardened-patches version, needed for the fix for #177234.
291
292 *hardened-sources-2.6.21 (02 May 2007)
293
294 02 May 2007; Christian Heim <phreak@gentoo.org>
295 +hardened-sources-2.6.21.ebuild:
296 Version bump, Linux 2.6.21-hardened.
297
298 29 Apr 2007; Christian Heim <phreak@gentoo.org>
299 hardened-sources-2.6.20-r2.ebuild:
300 Adding ~ia64 on Ned's request.
301
302 29 Apr 2007; Christian Heim <phreak@gentoo.org>
303 hardened-sources-2.6.20-r2.ebuild:
304 Fixing the included grsecurity patch, wasn't alligning due to the Index:
305 header line(s).
306
307 29 Apr 2007; Christian Heim <phreak@gentoo.org>
308 hardened-sources-2.6.20-r2.ebuild:
309 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
310
311 *hardened-sources-2.6.20-r2 (10 Apr 2007)
312
313 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
314 +hardened-sources-2.6.20-r2.ebuild:
315 Version bump, on behalf of phreak
316
317 *hardened-sources-2.6.20-r1 (04 Apr 2007)
318
319 04 Apr 2007; Christian Heim <phreak@gentoo.org>
320 +hardened-sources-2.6.20-r1.ebuild:
321 Revision bump, grabbing a newer grsecurity snapshot.
322
323 *hardened-sources-2.6.20 (25 Mar 2007)
324
325 25 Mar 2007; Christian Heim <phreak@gentoo.org>
326 +hardened-sources-2.6.20.ebuild:
327 Finally a hardened-sources version for 2.6.20; many people have been waiting
328 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
329 testbox.
330
331 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
332 hardened-sources-2.6.18-r6.ebuild:
333 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
334
335 *hardened-sources-2.6.18-r6 (16 Mar 2007)
336
337 16 Mar 2007; Christian Heim <phreak@gentoo.org>
338 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
339 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
340 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
341 supposed to be.
342
343 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
344 Fixing the Manifest, the previous one was broken (as in still had the
345 deleted ebuild in it).
346
347 06 Mar 2007; Christian Heim <phreak@gentoo.org>
348 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
349 +hardened-sources-2.6.18-r5.ebuild:
350 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
351 Linux 2.6.18.8. Also cleaning up the older version.
352
353 *hardened-sources-2.6.18-r5 (06 Mar 2007)
354
355 06 Mar 2007; Christian Heim <phreak@gentoo.org>
356 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
357 +hardened-sources-2.6.18-r5.ebuild:
358 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
359 Linux 2.6.18.8. Also cleaning up the older version.
360
361 24 Feb 2007; Christian Heim <phreak@gentoo.org>
362 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
363 -hardened-sources-2.6.19-r5.ebuild:
364 Removing some of the old version, that didn't work.
365
366 *hardened-sources-2.6.19-r6 (12 Feb 2007)
367
368 12 Feb 2007; Christian Heim <phreak@gentoo.org>
369 +hardened-sources-2.6.19-r6.ebuild:
370 Revision bump, including a new grsec version fixing #166235.
371
372 *hardened-sources-2.4.34 (24 Jan 2007)
373
374 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
375 Manifest:
376 updating Manifest with checksums of new tarball and ebuild
377
378 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
379 +hardened-sources-2.4.34.ebuild:
380 I added new hardened sources 2.4 update, this is a critical path
381 security bugfix - all users of h-s are strongly advised
382 to update their existing hardened sources to this version.
383 It contains a fix for a kernel vulnerability that is pertaining
384 to the PaX changes to virtual memory management, possibly leading
385 to a local kernel exploit ... see grsecurity.net forums and homepage
386
387 23 Jan 2007; Christian Heim <phreak@gentoo.org>
388 files/digest-hardened-sources-2.6.19-r5, Manifest:
389 Fixing the patch-tarball digest.
390
391 *hardened-sources-2.6.19-r5 (23 Jan 2007)
392
393 23 Jan 2007; Christian Heim <phreak@gentoo.org>
394 +hardened-sources-2.6.19-r5.ebuild:
395 Revision bump, closing the recently discovered PaX expand_stack()
396 vulnerability.
397
398 *hardened-sources-2.6.19-r4 (14 Jan 2007)
399
400 14 Jan 2007; Christian Heim <phreak@gentoo.org>
401 +hardened-sources-2.6.19-r4.ebuild:
402 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
403 dropping the randomized PID feature.
404
405 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
406 hardened-sources-2.4.33.4.ebuild:
407 stable x86, bug #161171
408
409 *hardened-sources-2.6.19-r3 (27 Dec 2006)
410
411 27 Dec 2006; Christian Heim <phreak@gentoo.org>
412 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
413 Revision bump for bug #157186 and #158786.
414
415 *hardened-sources-2.6.18-r4 (27 Dec 2006)
416
417 27 Dec 2006; Christian Heim <phreak@gentoo.org>
418 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
419 Revision bump for bug #157186.
420
421 *hardened-sources-2.6.19-r2 (23 Dec 2006)
422
423 23 Dec 2006; Christian Heim <phreak@gentoo.org>
424 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
425 Revision bump to pull in genpatches-2.6.19-3 for #157186.
426
427 17 Dec 2006; Christian Heim <phreak@gentoo.org>
428 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
429 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
430 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
431 hardened-sources-2.6.19-r1.ebuild:
432 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
433 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
434
435 *hardened-sources-2.4.33.4 (17 Dec 2006)
436
437 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
438 +hardened-sources-2.4.33.4.ebuild:
439 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
440 and quilting
441
442 *hardened-sources-2.6.19-r1 (14 Dec 2006)
443
444 14 Dec 2006; Christian Heim <phreak@gentoo.org>
445 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
446 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
447 for reporting).
448
449 *hardened-sources-2.6.19 (13 Dec 2006)
450
451 13 Dec 2006; Christian Heim <phreak@gentoo.org>
452 +hardened-sources-2.6.19.ebuild:
453 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
454 Brad for providing that prompt update.
455
456 *hardened-sources-2.6.18-r3 (13 Dec 2006)
457
458 13 Dec 2006; Christian Heim <phreak@gentoo.org>
459 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
460 +hardened-sources-2.6.18-r3.ebuild:
461 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
462 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
463
464 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
465 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
466
467 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
468 Stable on ppc wrt bug 157356
469
470 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
471 hardened-sources-2.6.18.ebuild:
472 stable x86, bug #157356
473
474 *hardened-sources-2.6.18-r2 (06 Dec 2006)
475
476 06 Dec 2006; Christian Heim <phreak@gentoo.org>
477 +hardened-sources-2.6.18-r2.ebuild:
478 Revision bump, including 2.6.18.5 (via genpatches) and
479 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
480 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
481 redesign.
482
483 06 Dec 2006; Christian Heim <phreak@gentoo.org>
484 hardened-sources-2.6.18.ebuild:
485 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
486 of Mike Doty).
487
488 *hardened-sources-2.6.18-r1 (23 Nov 2006)
489
490 23 Nov 2006; Christian Heim <phreak@gentoo.org>
491 +hardened-sources-2.6.18-r1.ebuild:
492 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
493
494 *hardened-sources-2.6.18 (11 Nov 2006)
495
496 11 Nov 2006; Christian Heim <phreak@gentoo.org>
497 +hardened-sources-2.6.18.ebuild:
498 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
499
500 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
501 - mark amd64 stable also. bug #151877
502
503 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
504 - mark 2.6.17-r1 stable
505
506 27 Aug 2006; Christian Heim <phreak@gentoo.org>
507 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
508 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
509
510 *hardened-sources-2.6.17-r1 (26 Aug 2006)
511
512 26 Aug 2006; Christian Heim <phreak@gentoo.org>
513 +hardened-sources-2.6.17-r1.ebuild:
514 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
515 grsecurity patch.
516
517 *hardened-sources-2.6.17 (17 Aug 2006)
518
519 17 Aug 2006; Christian Heim <phreak@gentoo.org>
520 +hardened-sources-2.6.17.ebuild:
521 Bumping the hardened-sources-2.6 series to 2.6.17, using
522 genpatches-2.6.17-6.base.
523
524 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
525 - stable on x86 and amd64
526
527 *hardened-sources-2.6.16-r11 (15 Jul 2006)
528
529 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
530 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
531 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
532 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
533 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
534 crusty ebuilds
535
536 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
537 hardened-sources-2.6.16-r10.ebuild:
538 marking stable on x86 and amd64
539
540 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
541 - 2.4.32-r6 stable on x86. RSBAC state unknown
542
543 *hardened-sources-2.4.32-r7 (10 Jul 2006)
544
545 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
546 +hardened-sources-2.4.32-r7.ebuild:
547 Bump PaX for RSBAC to test-17
548
549 *hardened-sources-2.6.16-r9 (03 Jul 2006)
550
551 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
552 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
553 hardened-sources-2.6.16 bump to latest -base.
554
555 *hardened-sources-2.4.32-r6 (30 Jun 2006)
556
557 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
558 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
559 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
560 sysctl controlable resource logging
561
562 *hardened-sources-2.6.16-r7 (05 Jun 2006)
563
564 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
565 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
566 push new 2.6.16 release in preparation for stable
567
568 22 May 2006; <solar@gentoo.org> :
569 - redigest bug 134002
570
571 *hardened-sources-2.4.32-r5 (16 May 2006)
572
573 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
574 +hardened-sources-2.4.32-r5.ebuild:
575 Fixes rsbac common patching (new patch in new -r5 patchset)
576
577 *hardened-sources-2.4.32-r4 (13 May 2006)
578
579 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
580 +hardened-sources-2.4.32-r4.ebuild:
581 - security bumps
582
583 *hardened-sources-2.6.16-r6 (03 May 2006)
584
585 03 May 2006; John Mylchreest <johnm@gentoo.org>
586 +hardened-sources-2.6.16-r6.ebuild:
587 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
588
589 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
590 hardened-sources-2.6.14-r8.ebuild:
591 fix x86_64 build problem, this will delay the digest issue again for a short
592 while but it will sort itself out
593
594 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
595 hardened-sources-2.6.14-r8.ebuild:
596 bump hardened patchset
597
598 27 Apr 2006; Alec Warner <antarus@gentoo.org>
599 files/digest-hardened-sources-2.4.32-r2,
600 files/digest-hardened-sources-2.4.32-r3,
601 files/digest-hardened-sources-2.6.14-r8, Manifest:
602 Fixing duff SHA256 digests: Bug # 131293
603
604 *hardened-sources-2.6.16-r5 (27 Apr 2006)
605
606 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
607 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
608 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
609 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
610 cleanup of old uneccessary sources
611
612 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
613 fix digest
614
615 *hardened-sources-2.6.14-r8 (20 Apr 2006)
616
617 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
618 +hardened-sources-2.6.14-r8.ebuild:
619 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
620
621 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
622 Turning on gpg-signing again, and recomitting
623
624 *hardened-sources-2.6.16-r4 (20 Apr 2006)
625
626 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
627 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
628 +hardened-sources-2.6.16-r4.ebuild:
629 Fix numerous security vulns
630
631 *hardened-sources-2.4.32-r3 (16 Apr 2006)
632
633 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
634 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
635 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
636 - security bump for bug #112791. Removed old ebuilds
637
638 *hardened-sources-2.6.16-r3 (15 Apr 2006)
639
640 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
641 +hardened-sources-2.6.16-r3.ebuild:
642 Removing silly localversion which I missed
643
644 *hardened-sources-2.6.14-r7 (14 Apr 2006)
645
646 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
647 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
648 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
649
650 *hardened-sources-2.6.16-r2 (13 Apr 2006)
651
652 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
653 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
654 +hardened-sources-2.6.16-r2.ebuild:
655 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
656 labels, dropping USERGROUP define fixes, since these were merged mainstream.
657
658 *hardened-sources-2.6.16-r1 (11 Apr 2006)
659
660 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
661 +hardened-sources-2.6.16-r1.ebuild:
662 Bumping to include ppc build fix and 2.6.16.3
663
664 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
665 hardened-sources-2.6.14-r6.ebuild:
666 Stable on x86; bug #127718
667
668 *hardened-sources-2.6.16 (31 Mar 2006)
669
670 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
671 +hardened-sources-2.6.16.ebuild:
672 Bumping to new version of grsec, and kernel base. New squashfs. Based on
673 2.6.16.1
674
675 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
676 hardened-sources-2.6.14-r6.ebuild:
677 Stable on amd64, bug 127718.
678
679 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
680 Stable on ppc. Bug #127718
681
682 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
683 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
684 -hardened-sources-2.6.14-r4.ebuild:
685 Cleanup.
686
687 *hardened-sources-2.6.14-r6 (15 Mar 2006)
688
689 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
690 +hardened-sources-2.6.14-r6.ebuild:
691 Fixes grsec policy recreation bug and adds a
692 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
693
694 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
695 - stable on x86
696
697 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
698 hardened-sources-2.6.14-r5.ebuild:
699 Stable on ppc.
700
701 *hardened-sources-2.6.14-r5 (01 Feb 2006)
702
703 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
704 +hardened-sources-2.6.14-r5.ebuild:
705 fixing every known exploit
706
707 *hardened-sources-2.4.32-r2 (26 Jan 2006)
708
709 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
710 +hardened-sources-2.4.32-r2.ebuild:
711 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
712
713 *hardened-sources-2.6.14-r4 (12 Jan 2006)
714
715 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
716 - version bump for new genpatches which fix up a few sec holes
717
718 *hardened-sources-2.4.32-r1 (05 Jan 2006)
719
720 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
721 - revision bump to add misc vital linux kernel security patches.
722
723 *hardened-sources-2.6.14-r3 (30 Dec 2005)
724
725 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
726 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
727 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
728
729 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
730 hardened-sources-2.6.14-r2.ebuild:
731 making x86 & amd64 stable following testing.
732
733 *hardened-sources-2.6.14-r2 (27 Dec 2005)
734
735 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
736 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
737 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
738 network hooks.
739
740 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
741 hardened-sources-2.6.14-r1.ebuild:
742 bumping to stable early for sec fix on x86 & amd64
743
744 *hardened-sources-2.6.14-r1 (05 Dec 2005)
745
746 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
747 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
748 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
749
750 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
751 - stable on x86 security bug #114227 CAN-2005-3257
752
753 *hardened-sources-2.4.32 (19 Nov 2005)
754
755 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
756 +hardened-sources-2.4.32.ebuild:
757 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
758 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
759 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
760 rsbac >> /etc/portage/package.use)
761
762 *hardened-sources-2.6.14 (14 Nov 2005)
763
764 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
765 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
766 Bumping 2.6 series to 2.6.14.2
767
768 *hardened-sources-2.6.13-r2 (20 Oct 2005)
769
770 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
771 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
772 +hardened-sources-2.6.13-r2.ebuild:
773 Fixes minor build error in ppc.
774
775 *hardened-sources-2.6.13-r1 (17 Oct 2005)
776
777 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
778 +hardened-sources-2.6.13-r1.ebuild:
779 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
780 2.6.13.4, fixes some major amd64 stability problems.
781
782 *hardened-sources-2.6.13 (16 Sep 2005)
783
784 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
785 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
786 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
787 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
788 users should test this thoroughly.
789
790 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
791 - stable on x86
792
793 *hardened-sources-2.6.11-r15 (27 Jun 2005)
794
795 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
796 +hardened-sources-2.6.11-r15.ebuild:
797 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
798 grsec redefining curr_ip struct.
799
800 *hardened-sources-2.4.31 (20 Jun 2005)
801
802 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
803 initial import of 2.4.31 tree
804
805 *hardened-sources-2.6.11-r14 (14 Jun 2005)
806
807 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
808 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
809 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
810 naming scheme to abide by genpatches
811
812 *hardened-sources-2.6.11-r13 (18 May 2005)
813
814 18 May 2005; John Mylchreest <johnm@gentoo.org>
815 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
816 Managed to mangle the Makefile patch from grsec, to miss out the grsec
817 target. sorry about that. Fixes bug #93022
818
819 *hardened-sources-2.6.11-r12 (17 May 2005)
820
821 17 May 2005; John Mylchreest <johnm@gentoo.org>
822 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
823 +hardened-sources-2.6.11-r12.ebuild:
824 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
825 merges in genpatches-base
826
827 *hardened-sources-2.6.11-r12 (17 May 2005)
828
829 17 May 2005; John Mylchreest <johnm@gentoo.org>
830 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
831 +hardened-sources-2.6.11-r12.ebuild:
832 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
833 merges in genpatches-base
834
835 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
836 -files/2.4.27-cmdline-race.patch,
837 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
838 -files/2.4.28-grsec-binfmt_a.out.patch,
839 -files/2.4.28-grsec-cmdline-race.patch,
840 -files/2.4.28-selinux-binfmt_a.out.patch,
841 -files/2.4.28-selinux-cmdline-race.patch,
842 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
843 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
844 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
845 cleanup..
846
847 *hardened-sources-2.4.30-r1 (21 Apr 2005)
848
849 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
850 - disable aout by default
851
852 *hardened-sources-2.4.30 (18 Apr 2005)
853
854 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
855 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
856 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
857 use
858
859 *hardened-sources-2.4.29 (30 Mar 2005)
860
861 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
862 +hardened-sources-2.4.29.ebuild:
863 New hardened-patches-2.4-29.0 patchball.
864 Removed SELinux support, upgraded GRSecurity to 2.1.4.
865
866 *hardened-sources-2.4.28-r5 (06 Mar 2005)
867
868 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
869 +hardened-sources-2.4.28-r5.ebuild:
870 Added a fix for a PaX vulnerability.
871
872 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
873 hardened-sources-2.4.28-r4.ebuild:
874 Stable on x86
875
876 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
877 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
878 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
879 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
880 - fixed/added RDEPEND= in all kernel-2 ebuilds
881
882 *hardened-sources-2.4.28-r4 (21 Jan 2005)
883
884 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
885 +hardened-sources-2.4.28-r4.ebuild:
886 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
887 backport of neighbour hash updates.
888
889 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
890 hardened-sources-2.4.28-r3.ebuild:
891 Stable on x86
892
893 *hardened-sources-2.6.10-r3 (20 Jan 2005)
894
895 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
896 +hardened-sources-2.6.10-r3.ebuild:
897 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
898 in 2005.0
899
900 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
901 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
902 hardened-sources-2.4.28-r2.ebuild:
903 Mark stable on x86
904
905 *hardened-sources-2.4.28-r3 (17 Jan 2005)
906
907 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
908 +hardened-sources-2.4.28-r3.ebuild:
909 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
910
911 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
912 hardened-sources-2.4.28.ebuild:
913 Mark stable on x86.
914
915 *hardened-sources-2.4.28-r2 (13 Jan 2005)
916
917 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
918 +hardened-sources-2.4.28-r2.ebuild:
919 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
920 Mazinger for grsecurity patches as well.
921
922 *hardened-sources-2.4.28-r1 (23 Dec 2004)
923
924 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
925 Security bump. Thank tocharian for rolling a new patchset...
926
927 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
928 +files/2.4.28-grsec-cmdline-race.patch,
929 +files/2.4.28-selinux-binfmt_a.out.patch,
930 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
931 - Round up remaining security patches that appear to be missing in 2.4.28. -
932 PaX standalone updated to current. hgpv=28.1
933
934 *hardened-sources-2.4.28 (28 Nov 2004)
935
936 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
937 security bump. Thank tocharian for rolling a new patchset
938
939 *hardened-sources-2.4.27-r3 (08 Sep 2004)
940
941 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
942 +hardened-sources-2.4.27-r3.ebuild:
943 Applies the new 2.4-27.2 patchball which updates
944 GRSecurity to the 2.0.1 version.
945
946 *hardened-sources-2.4.27-r2 (31 Aug 2004)
947
948 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
949 +hardened-sources-2.4.27-r2.ebuild:
950 Version bump.
951 This version uses the new 2.4-27.1 patchball which updates
952 both the SELinux PaX hooks patch and the SELinux headers.
953
954 *hardened-sources-2.4.27-r1 (09 Aug 2004)
955
956 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
957 +hardened-sources-2.4.27-r1.ebuild,
958 -hardened-sources-2.4.27.ebuild,
959 +files/2.4.27-cmdline-race.patch:
960 Version bump, fix for cmdline race. See bug #59905.
961
962 *hardened-sources-2.4.26-r6 (09 Aug 2004)
963
964 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
965 +hardened-sources-2.4.26-r6.ebuild,
966 -hardened-sources-2.4.26-r5.ebuild,
967 -hardened-sources-2.4.26-r4.ebuild,
968 +files/2.4.26-cmdline-race.patch:
969 Version bump, fix for cmdline race. See bug #59905.
970
971 *hardened-sources-2.4.27 (08 Aug 2004)
972
973 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
974 +hardened-sources-2.4.27.ebuild,
975 +files/2.4.27-CAN-2004-0394.patch:
976 Ported the patchball to the 2.4.27 kernel version.
977
978 *hardened-sources-2.4.26-r5 (07 Aug 2004)
979
980 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
981 +hardened-sources-2.4.26-r5.ebuild:
982 Updated to use the new hardened-patches-2.4-26.1 patchball.
983 It adds the following features:
984 - Squashfs
985 - Ebtables
986 - Netdev random (core+drivers)
987 - Watchdog Timer (WDT) fix.
988
989 *hardened-sources-2.4.26-r4 (04 Aug 2004)
990
991 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
992 +hardened-sources-2.4.26-r4.ebuild,
993 +files/2.4.26-CAN-2004-0415.patch,
994 -hardened-sources-2.4.26-3:
995 Version bump, fix for CAN 0415, see bug #59378.
996
997 *hardened-sources-2.4.26-r3 (22 Jul 2004)
998
999 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1000 +hardened-sources-2.4.26-r3.ebuild,
1001 +files/2.4.26-CAN-2004-0497.patch,
1002 -hardened-sources-2.4.26-r2.ebuild:
1003 Version bump, fixed CAN 0497, see bug #56171.
1004
1005 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1006
1007 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1008 +hardened-sources-2.4.26-r2.ebuild,
1009 +files/2.4.26-CAN-2004-0495.patch,
1010 +files/2.4.26-CAN-2004-0535.patch,
1011 -hardened-sources-2.4.26-r1.ebuild:
1012 Fixes for both CAN 0495 and 0535, see bug #54976
1013
1014 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1015 hardened-sources-2.4.26-r1.ebuild:
1016 QA - fix use invocation
1017
1018 *hardened-sources-2.4.26-r1 (22 June 2004)
1019
1020 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1021 +hardened-sources-2.4.26-r1.ebuild,
1022 +files/2.4.26-CAN-2004-0394.patch,
1023 +files/2.4.26-signal-race.patch,
1024 -hardened-sources-2.4.26.ebuild,
1025 -hardened-sources-2.4.24-r3.ebuild:
1026 Version bump for the CAN-2004-0394 issue and bug #53804
1027 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1028
1029
1030 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1031 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1032 Masked hardened-sources-2.4.26.ebuild broken for ppc
1033
1034 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1035 hardened-sources-2.4.24-r3.ebuild:
1036 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1037
1038 *hardened-sources-2.4.26 (29 May 2004)
1039
1040 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1041 +hardened-sources-2.4.26.ebuild:
1042 Updated hardened-sources for the 2.4.26 kernel
1043 Removed broken components, updated almost everything.
1044
1045 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1046
1047 17 Apr 2004; <plasmaroo@gentoo.org>
1048 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1049 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1050 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1051 +hardened-sources-2.4.24-r3.ebuild:
1052 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1053 vulnerabilities. Old revisions removed.
1054
1055 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1056
1057 15 Apr 2004; <plasmaroo@gentoo.org>
1058 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1059 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1060 Version bump for the CAN-2004-0109 issue; bug #47881.
1061
1062 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1063 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1064 Add eutils to inherit.
1065
1066 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1067
1068 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1069 files/hardened-sources-2.4.24.munmap.patch:
1070 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1071
1072 *hardened-sources-2.4.24 (06 Feb 2004)
1073
1074 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1075 hardened-sources-2.4.24.ebuild:
1076 Version bump, updated most of the components.
1077 This release includes the following:
1078
1079 - Hardened security
1080 - Netfilter patch-o-matic 20031219
1081 - FreeSWAN 2.04 & x509 1.4.8
1082 - EVMS 2.2.2
1083 - XFS 1.3.1
1084 - cryptoloop jari
1085 - grsecurity 2.0-rc4
1086 - SELinux
1087 - PaX 200402060000
1088 - PaX Obscurity 200308302223
1089 - Others...
1090
1091 Neither -ck nor systrace are included anymore.
1092
1093 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1094
1095 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1096 hardened-sources-2.4.22-r2.ebuild:
1097 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1098
1099 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1100
1101 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1102 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1103
1104 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1105 hardened-sources-2.4.22-r1.ebuild:
1106 Version bump for the 'do_brk' vulnerability.
1107
1108 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1109 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1110 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1111 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1112 Fix the 'do_brk' vulnerability.
1113
1114 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1115 hardened-sources-2.4.22.ebuild:
1116 - Removed the src_install() portion for SELinux flask
1117 components. These are no longer handled in the kernel
1118 so this code was not necessary.
1119
1120 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1121 New 2.4.22 based hardened-sources thanks to
1122 Phil West <p.west@computer.org>.
1123
1124 These sources include:
1125 - New SELinux API
1126 - Updated CK-base
1127 - Updated GRSec
1128 - Systrace
1129 - SuperFreeS/WAN 1.99.8
1130 - Propolice kernel build support
1131 - EVMS
1132 - Other various security related patches
1133
1134 *hardened-sources-2.4.21 (14 Sep 2003)
1135
1136 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1137 Updated hardened-sources based on the 2.4.21 Linux kernel.
1138 This includes updates to most major components such as:
1139 - ck-base-0306300059
1140 - selinux-2.4-2003071106
1141 - grsecurity-2.0-rc1
1142 - Updated IPTables patch-o-matic
1143 - Updated SuperFreeS/WAN
1144
1145 Thanks to Phil West <pwest@computer.org> for his work in getting this
1146 updated patch set ready for the 2.4.21 based kernel.
1147
1148 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1149 Initial import of hardened-sources-2.4.20-r4. This revision
1150 includes only a few changes, but one of these is an important
1151 security fix. It is recommended all users of hardened-sources
1152 upgrade to this release.
1153
1154 - ioperm bug fix
1155 - fixed compilation failure when building without GRSec
1156
1157 SAL (Secure Auditing for Linux) is NOT included in this revision
1158 due to time constraints, but is planned for inclusion in the near
1159 future.
1160
1161 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1162
1163 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1164 hardened-sources-2.4.20-r3.ebuild:
1165 Add Header...
1166
1167 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1168 hardened-sources-2.4.20-r3.ebuild:
1169 Removed warnings from ebuild. This kernel should be safe to
1170 use at this point.
1171
1172 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1173
1174 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1175 hardened-sources-2.4.20-r3.ebuild:
1176 New revision. Includes the following changes over -r2:
1177
1178 - ck7-base (O(1), preempt, low latency)
1179 - Super FreeS/WAN 1.99.7rc2
1180 - PaX for the LSM/SELinux branch
1181 - GRSecurity 2.0-pre4 (role based access control)
1182 - Systrace 1.3
1183 - EXT3 fixes
1184 - EVMS 2.0.1
1185 - GCC 3.1+ compile optimizations
1186 - ProPolice kernel build support
1187 - Hashing table security fixes
1188
1189 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1190
1191 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1192 Initial import of hardened-sources-r2. This new
1193 ebuild includes many new performance and security
1194 related patches. As in -r1, it will patch in
1195 LSM/SELinux if "selinux" is in USE, otherwise it
1196 will patch in GRSecurity. The following patches
1197 are included in this revision:
1198
1199 - O(1) Scheduler, Low Latency, and Preempt
1200 (pulled from the base CK patch)
1201 - ptrace exploit patch for the LSM kernel
1202 (the GRSec patch already fixes this)
1203 - LSM 2.4-2003040709
1204 - SELinux 2.4-2003040709
1205 - Systrace v1.2
1206 - IPTables patch-o-matic base patches - 20030107
1207 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1208 - Super FreeS/WAN 1.99.6.1
1209 - GRSecurity 1.9.9g
1210 - MPPE
1211 - EXT3 data journal fix
1212 - CIPE 1.5.4
1213
1214 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1215 hardened-sources-2.4.20-r1.ebuild, manifest:
1216 Updated to install flask components correctly for selinux.
1217
1218 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1219 hardened-sources-2.4.20-r1.ebuild:
1220 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1221 is patched in instead. Ptrace patches for selinux have also been added. In
1222 either case, systrace support will be patched in as well.
1223
1224 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1225 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1226 Revision bump for new sources.
1227
1228 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1229 hardened-sources-2.4.20-r1.ebuild:
1230 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1231
1232 *hardened-sources-2.4.20 (30 Mar 2003)
1233
1234 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1235 hardened-sources-2.4.20.ebuild:
1236 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20