/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.223 - (show annotations) (download)
Sun May 11 07:56:17 2008 UTC (7 years, 1 month ago) by solar
Branch: MAIN
Changes since 1.222: +15 -1 lines
- proxy commit for gengor
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.222 2008/05/10 07:26:16 nixnut Exp $
4
5 *hardened-sources-2.6.24-r2 (11 May 2008)
6 *hardened-sources-2.6.23-r12 (11 May 2008)
7
8 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
9 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
10 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
11 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
12 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
13 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
14 security bugs 219901, 220691, 220975, 220979, 221123. New
15 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
16 should be removed as far as I'm concerned, everything else remove due to
17 vulnerable to numerous security bugs or brokeness.
18
19 10 May 2008; nixnut <nixnut@gentoo.org>
20 hardened-sources-2.6.23-r11.ebuild:
21 Stable on ppc
22
23 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
24 - -r11 stable on x86/amd64
25
26 *hardened-sources-2.6.23-r11 (01 May 2008)
27
28 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
29 - version bump to fix ulgy linux bugs
30
31 *hardened-sources-2.6.24-r1 (30 Apr 2008)
32
33 30 Apr 2008; Christian Heim <phreak@gentoo.org>
34 +hardened-sources-2.6.24-r1.ebuild:
35 Revision bump (thanks to Kerin and Gordon, again), pulling
36 genpatches-2.6.24-7, solving #219089. Additionally contains further security
37 fixes plus some minor updates.
38
39 *hardened-sources-2.6.23-r10 (30 Apr 2008)
40
41 30 Apr 2008; Christian Heim <phreak@gentoo.org>
42 +hardened-sources-2.6.23-r10.ebuild:
43 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
44 Additional contains "various other fixes".
45
46 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
47 Update the longdescription in metadata, thanks to Gordon Malm.
48
49 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
50 Stable on ppc wrt bug #213255
51
52 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
53 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
54 - stable on x86/amd64 per request. Removed obsolete ebuilds
55
56 *hardened-sources-2.6.24 (07 Apr 2008)
57
58 07 Apr 2008; Christian Heim <phreak@gentoo.org>
59 +hardened-sources-2.6.24.ebuild:
60 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
61 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
62 for the many contributions and their continued effort in #216612) based on
63 2.6.24 and genpatches-2.6.24-5.
64
65 The current ebuild/patchset contains these things:
66 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
67 * Introduces bespoke server and workstation oriented security levels
68 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
69
70 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
71 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
72 maintaining it).
73
74 24 Mar 2008; Christian Heim <phreak@gentoo.org>
75 hardened-sources-2.4.35-r2.ebuild:
76 Fixing SRC_URI for 2.4.35-r2.
77
78 *hardened-sources-2.6.23-r9 (22 Mar 2008)
79
80 22 Mar 2008; Christian Heim <phreak@gentoo.org>
81 +hardened-sources-2.6.23-r9.ebuild:
82 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
83 * Change the default GIDs for some grsecurity options
84 * Revamp the Hardened [Gentoo] security level and make it the default level
85 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
86 * Fix a recursive lock -- call to capable() within ptrace_attach()
87 * Fix bug that allows audit and iscsi operations to be controlled via netlink
88
89 *hardened-sources-2.6.23-r8 (27 Feb 2008)
90
91 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
92 - version bump from Kerin Millar bug 210026
93
94 17 Feb 2008; <solar@gentoo.org> metadata.xml,
95 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
96 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
97 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
98 - stable on x86 and remove old ebuilds
99
100 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
101 - stable on amd64 per request of amd64 lead
102
103 *hardened-sources-2.6.23-r7 (11 Feb 2008)
104
105 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
106 - version bump from kerin.millar
107 Changes:
108
109 * Bump to genpatches-base-2.6.23-9
110 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
111 * Disables COMPAT_VDSO in x86/defconfig
112 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
113
114 25 Jan 2008; Christian Heim <phreak@gentoo.org>
115 -hardened-sources-2.6.22-r8.ebuild:
116 Cleaning up old versions.
117
118 *hardened-sources-2.6.23-r6 (25 Jan 2008)
119
120 25 Jan 2008; Christian Heim <phreak@gentoo.org>
121 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
122 Revision bump, pulling in the latest genpatches.
123
124 *hardened-sources-2.6.23-r5 (24 Dec 2007)
125
126 24 Dec 2007; Christian Heim <phreak@gentoo.org>
127 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
128 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
129 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
130 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
131
132 24 Dec 2007; Christian Heim <phreak@gentoo.org>
133 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
134 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
135 -hardened-sources-2.6.23-r3.ebuild:
136 Cleaning out some unused, old versions.
137
138 24 Dec 2007; Christian Heim <phreak@gentoo.org>
139 hardened-sources-2.6.23-r4.ebuild:
140 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
141 in the tree for long, but there isn't much of a difference between this and
142 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
143
144 *hardened-sources-2.6.23-r4 (23 Dec 2007)
145
146 23 Dec 2007; Christian Heim <phreak@gentoo.org>
147 +hardened-sources-2.6.23-r4.ebuild:
148 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
149
150 *hardened-sources-2.6.23-r3 (04 Dec 2007)
151
152 04 Dec 2007; Christian Heim <phreak@gentoo.org>
153 +hardened-sources-2.6.23-r3.ebuild:
154 Revision bump, pulling in 2.6.23.9.
155
156 *hardened-sources-2.6.23-r2 (25 Nov 2007)
157
158 25 Nov 2007; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.23-r2.ebuild:
160 Updated patchset, thanks to solar.
161
162 *hardened-sources-2.6.23-r1 (31 Oct 2007)
163
164 31 Oct 2007; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.23-r1.ebuild:
166 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
167
168 29 Oct 2007; <solar@gentoo.org> metadata.xml:
169 - update metadata.xml
170
171 25 Oct 2007; Christian Heim <phreak@gentoo.org>
172 hardened-sources-2.6.22-r8.ebuild:
173 Marking 2.6.22-r8 stable on amd64 and x86.
174
175 21 Oct 2007; Christian Heim <phreak@gentoo.org>
176 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
177 -hardened-sources-2.6.21-r4.ebuild:
178 Removing old ebuilds.
179
180 *hardened-sources-2.4.35-r2 (21 Oct 2007)
181
182 21 Oct 2007; Christian Heim <phreak@gentoo.org>
183 +hardened-sources-2.4.35-r2.ebuild:
184 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
185 patches.
186
187 *hardened-sources-2.6.22-r8 (21 Oct 2007)
188
189 21 Oct 2007; Christian Heim <phreak@gentoo.org>
190 +hardened-sources-2.6.22-r8.ebuild:
191 Yet another new patch, hopefully fixing the remaining issues we had w/
192 2.6.22. Candidate for stabling.
193
194 *hardened-sources-2.6.23 (13 Oct 2007)
195
196 13 Oct 2007; Christian Heim <phreak@gentoo.org>
197 +hardened-sources-2.6.23.ebuild:
198 Initial hardened-sources-2.6.23. If people still have problems w/ bug
199 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
200
201 11 Oct 2007; Christian Heim <phreak@gentoo.org>
202 hardened-sources-2.6.20-r10.ebuild:
203 Pulling in yet another new genpatches version, fixing the PWC bug for real.
204
205 04 Oct 2007; Christian Heim <phreak@gentoo.org>
206 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
207 Removing old versions.
208
209 *hardened-sources-2.6.22-r7 (01 Oct 2007)
210
211 01 Oct 2007; Christian Heim <phreak@gentoo.org>
212 +hardened-sources-2.6.22-r7.ebuild:
213 Revision bump, pulling in a newer patch. Should fix #194276.
214
215 30 Sep 2007; Christian Heim <phreak@gentoo.org>
216 hardened-sources-2.6.20-r10.ebuild:
217 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
218 Mike Doty).
219
220 *hardened-sources-2.6.22-r6 (26 Sep 2007)
221
222 26 Sep 2007; Christian Heim <phreak@gentoo.org>
223 +hardened-sources-2.6.22-r6.ebuild:
224 Revision bump, grabbing up till Linux 2.6.22.9.
225
226 24 Sep 2007; Christian Heim <phreak@gentoo.org>
227 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
228 Cleaning up further.
229
230 *hardened-sources-2.6.20-r10 (24 Sep 2007)
231
232 24 Sep 2007; Christian Heim <phreak@gentoo.org>
233 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
234 +hardened-sources-2.6.20-r10.ebuild:
235 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
236 revisions.
237
238 *hardened-sources-2.6.22-r5 (22 Sep 2007)
239
240 22 Sep 2007; Christian Heim <phreak@gentoo.org>
241 +hardened-sources-2.6.22-r5.ebuild:
242 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
243
244 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
245 Removing johnm from metadata.xml (see #186467 for reference).
246
247 *hardened-sources-2.6.22-r4 (17 Sep 2007)
248
249 17 Sep 2007; Christian Heim <phreak@gentoo.org>
250 +hardened-sources-2.6.22-r4.ebuild:
251 Revision bump, hopefully fixing all those weird PAX failures.
252
253 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
254 Updating the metadata.xml.
255
256 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
257 Removing tocharian from metadata due to his retirement (see #71718 for
258 reference).
259
260 *hardened-sources-2.6.20-r9 (30 Aug 2007)
261
262 30 Aug 2007; Christian Heim <phreak@gentoo.org>
263 +hardened-sources-2.6.20-r9.ebuild:
264 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
265
266 29 Aug 2007; Christian Heim <phreak@gentoo.org>
267 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
268 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
269 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
270 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
271 -hardened-sources-2.6.22-r2.ebuild:
272 Removing some redundant versions.
273
274 *hardened-sources-2.4.35-r1 (29 Aug 2007)
275
276 29 Aug 2007; Christian Heim <phreak@gentoo.org>
277 +hardened-sources-2.4.35-r1.ebuild:
278 Revision bump, new grsecurity patch.
279
280 *hardened-sources-2.6.20-r8 (26 Aug 2007)
281
282 26 Aug 2007; Christian Heim <phreak@gentoo.org>
283 +hardened-sources-2.6.20-r8.ebuild:
284 Revision bump for Linux 2.6.20.17.
285
286 *hardened-sources-2.6.22-r3 (22 Aug 2007)
287
288 22 Aug 2007; Christian Heim <phreak@gentoo.org>
289 +hardened-sources-2.6.22-r3.ebuild:
290 Revision bump for Linux 2.6.22.4.
291
292 16 Aug 2007; Christian Heim <phreak@gentoo.org>
293 hardened-sources-2.6.22-r2.ebuild:
294 Updated patchset, to fix the alignment against 2.6.22.3.
295
296 *hardened-sources-2.6.22-r2 (16 Aug 2007)
297
298 16 Aug 2007; Christian Heim <phreak@gentoo.org>
299 +hardened-sources-2.6.22-r2.ebuild:
300 Revision bump for Linux 2.6.22.3.
301
302 *hardened-sources-2.4.35 (16 Aug 2007)
303
304 16 Aug 2007; Christian Heim <phreak@gentoo.org>
305 +hardened-sources-2.4.35.ebuild:
306 Version bump, initial version for Linux 2.4.35.
307
308 *hardened-sources-2.6.21-r4 (16 Aug 2007)
309
310 16 Aug 2007; Christian Heim <phreak@gentoo.org>
311 +hardened-sources-2.6.21-r4.ebuild:
312 Revision bump for Linux 2.6.21.6.
313
314 *hardened-sources-2.6.20-r7 (16 Aug 2007)
315
316 16 Aug 2007; Christian Heim <phreak@gentoo.org>
317 +hardened-sources-2.6.20-r7.ebuild:
318 Revision bump for Linux 2.6.20.16.
319
320 *hardened-sources-2.6.22-r1 (13 Aug 2007)
321
322 13 Aug 2007; Christian Heim <phreak@gentoo.org>
323 +hardened-sources-2.6.22-r1.ebuild:
324 Yet another revision bump.
325
326 *hardened-sources-2.6.22 (10 Aug 2007)
327
328 10 Aug 2007; Christian Heim <phreak@gentoo.org>
329 +hardened-sources-2.6.22.ebuild:
330 Initial release for 2.6.22. If you are using hardened-sources on a desktop
331 machine (P4 or newer), be aware you might need to disable
332 CONFIG_PAX_PAGEEXEC.
333
334 04 Aug 2007; Christian Heim <phreak@gentoo.org>
335 hardened-sources-2.6.20-r6.ebuild:
336 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
337 2.6.20.15.
338
339 10 Jul 2007; Christian Heim <phreak@gentoo.org>
340 hardened-sources-2.6.20-r5.ebuild:
341 Marking hardened-sources-2.6.20-r5 stable on ppc.
342
343 10 Jul 2007; Christian Heim <phreak@gentoo.org>
344 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
345 Cleanup.
346
347 *hardened-sources-2.6.20-r6 (08 Jul 2007)
348
349 08 Jul 2007; Christian Heim <phreak@gentoo.org>
350 +hardened-sources-2.6.20-r6.ebuild:
351 Revision bump, grabbing yet another stable release.
352
353 17 Jun 2007; Christian Heim <phreak@gentoo.org>
354 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
355 -hardened-sources-2.6.21-r2.ebuild:
356 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
357 alpha stable KEYWORD by mistake.
358
359 17 Jun 2007; Christian Heim <phreak@gentoo.org>
360 hardened-sources-2.6.20-r5.ebuild:
361 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
362 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
363
364 *hardened-sources-2.6.21-r3 (12 Jun 2007)
365
366 12 Jun 2007; Christian Heim <phreak@gentoo.org>
367 +hardened-sources-2.6.21-r3.ebuild:
368 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
369 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
370 love.
371
372 *hardened-sources-2.6.20-r5 (11 Jun 2007)
373
374 11 Jun 2007; Christian Heim <phreak@gentoo.org>
375 +hardened-sources-2.6.20-r5.ebuild:
376 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
377 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
378 love.
379
380 *hardened-sources-2.4.34.5 (11 Jun 2007)
381
382 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
383 +hardened-sources-2.4.34.5.ebuild:
384 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
385
386 30 May 2007; Christian Heim <phreak@gentoo.org>
387 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
388 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
389 stale ebuild(s).
390
391 30 May 2007; Christian Heim <phreak@gentoo.org>
392 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
393 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
394 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
395 Doing some cleanups, remove stale ebuilds.
396
397 26 May 2007; Christian Heim <phreak@gentoo.org>
398 hardened-sources-2.6.21-r2.ebuild:
399 Fixing the grsecurity patch, had one '};' too much.
400
401 *hardened-sources-2.6.21-r2 (26 May 2007)
402
403 26 May 2007; Christian Heim <phreak@gentoo.org>
404 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
405 +hardened-sources-2.6.21-r2.ebuild:
406 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
407 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
408
409 *hardened-sources-2.6.20-r4 (26 May 2007)
410
411 26 May 2007; Christian Heim <phreak@gentoo.org>
412 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
413 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
414 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
415
416 15 May 2007; Christian Heim <phreak@gentoo.org>
417 hardened-sources-2.6.20-r3.ebuild:
418 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
419 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
420 grsecurity patch fail in that exact same hunk.
421
422 *hardened-sources-2.6.20-r3 (15 May 2007)
423
424 15 May 2007; Christian Heim <phreak@gentoo.org>
425 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
426 Revision bump, incorporating Linux 2.6.20.11.
427
428 *hardened-sources-2.6.21-r1 (11 May 2007)
429
430 11 May 2007; Christian Heim <phreak@gentoo.org>
431 +hardened-sources-2.6.21-r1.ebuild:
432 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
433 mentioned in #177234.
434
435 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
436 files/digest-hardened-sources-2.6.21, Manifest:
437 Fix Manifest/digest for linux-2.6.21.tar.bz2
438
439 06 May 2007; Christian Heim <phreak@gentoo.org>
440 hardened-sources-2.6.21.ebuild:
441 Bumping the hardened-patches version, needed for the fix for #177234.
442
443 *hardened-sources-2.6.21 (02 May 2007)
444
445 02 May 2007; Christian Heim <phreak@gentoo.org>
446 +hardened-sources-2.6.21.ebuild:
447 Version bump, Linux 2.6.21-hardened.
448
449 29 Apr 2007; Christian Heim <phreak@gentoo.org>
450 hardened-sources-2.6.20-r2.ebuild:
451 Adding ~ia64 on Ned's request.
452
453 29 Apr 2007; Christian Heim <phreak@gentoo.org>
454 hardened-sources-2.6.20-r2.ebuild:
455 Fixing the included grsecurity patch, wasn't alligning due to the Index:
456 header line(s).
457
458 29 Apr 2007; Christian Heim <phreak@gentoo.org>
459 hardened-sources-2.6.20-r2.ebuild:
460 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
461
462 *hardened-sources-2.6.20-r2 (10 Apr 2007)
463
464 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
465 +hardened-sources-2.6.20-r2.ebuild:
466 Version bump, on behalf of phreak
467
468 *hardened-sources-2.6.20-r1 (04 Apr 2007)
469
470 04 Apr 2007; Christian Heim <phreak@gentoo.org>
471 +hardened-sources-2.6.20-r1.ebuild:
472 Revision bump, grabbing a newer grsecurity snapshot.
473
474 *hardened-sources-2.6.20 (25 Mar 2007)
475
476 25 Mar 2007; Christian Heim <phreak@gentoo.org>
477 +hardened-sources-2.6.20.ebuild:
478 Finally a hardened-sources version for 2.6.20; many people have been waiting
479 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
480 testbox.
481
482 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
483 hardened-sources-2.6.18-r6.ebuild:
484 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
485
486 *hardened-sources-2.6.18-r6 (16 Mar 2007)
487
488 16 Mar 2007; Christian Heim <phreak@gentoo.org>
489 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
490 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
491 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
492 supposed to be.
493
494 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
495 Fixing the Manifest, the previous one was broken (as in still had the
496 deleted ebuild in it).
497
498 06 Mar 2007; Christian Heim <phreak@gentoo.org>
499 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
500 +hardened-sources-2.6.18-r5.ebuild:
501 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
502 Linux 2.6.18.8. Also cleaning up the older version.
503
504 *hardened-sources-2.6.18-r5 (06 Mar 2007)
505
506 06 Mar 2007; Christian Heim <phreak@gentoo.org>
507 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
508 +hardened-sources-2.6.18-r5.ebuild:
509 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
510 Linux 2.6.18.8. Also cleaning up the older version.
511
512 24 Feb 2007; Christian Heim <phreak@gentoo.org>
513 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
514 -hardened-sources-2.6.19-r5.ebuild:
515 Removing some of the old version, that didn't work.
516
517 *hardened-sources-2.6.19-r6 (12 Feb 2007)
518
519 12 Feb 2007; Christian Heim <phreak@gentoo.org>
520 +hardened-sources-2.6.19-r6.ebuild:
521 Revision bump, including a new grsec version fixing #166235.
522
523 *hardened-sources-2.4.34 (24 Jan 2007)
524
525 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
526 Manifest:
527 updating Manifest with checksums of new tarball and ebuild
528
529 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
530 +hardened-sources-2.4.34.ebuild:
531 I added new hardened sources 2.4 update, this is a critical path
532 security bugfix - all users of h-s are strongly advised
533 to update their existing hardened sources to this version.
534 It contains a fix for a kernel vulnerability that is pertaining
535 to the PaX changes to virtual memory management, possibly leading
536 to a local kernel exploit ... see grsecurity.net forums and homepage
537
538 23 Jan 2007; Christian Heim <phreak@gentoo.org>
539 files/digest-hardened-sources-2.6.19-r5, Manifest:
540 Fixing the patch-tarball digest.
541
542 *hardened-sources-2.6.19-r5 (23 Jan 2007)
543
544 23 Jan 2007; Christian Heim <phreak@gentoo.org>
545 +hardened-sources-2.6.19-r5.ebuild:
546 Revision bump, closing the recently discovered PaX expand_stack()
547 vulnerability.
548
549 *hardened-sources-2.6.19-r4 (14 Jan 2007)
550
551 14 Jan 2007; Christian Heim <phreak@gentoo.org>
552 +hardened-sources-2.6.19-r4.ebuild:
553 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
554 dropping the randomized PID feature.
555
556 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
557 hardened-sources-2.4.33.4.ebuild:
558 stable x86, bug #161171
559
560 *hardened-sources-2.6.19-r3 (27 Dec 2006)
561
562 27 Dec 2006; Christian Heim <phreak@gentoo.org>
563 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
564 Revision bump for bug #157186 and #158786.
565
566 *hardened-sources-2.6.18-r4 (27 Dec 2006)
567
568 27 Dec 2006; Christian Heim <phreak@gentoo.org>
569 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
570 Revision bump for bug #157186.
571
572 *hardened-sources-2.6.19-r2 (23 Dec 2006)
573
574 23 Dec 2006; Christian Heim <phreak@gentoo.org>
575 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
576 Revision bump to pull in genpatches-2.6.19-3 for #157186.
577
578 17 Dec 2006; Christian Heim <phreak@gentoo.org>
579 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
580 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
581 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
582 hardened-sources-2.6.19-r1.ebuild:
583 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
584 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
585
586 *hardened-sources-2.4.33.4 (17 Dec 2006)
587
588 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
589 +hardened-sources-2.4.33.4.ebuild:
590 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
591 and quilting
592
593 *hardened-sources-2.6.19-r1 (14 Dec 2006)
594
595 14 Dec 2006; Christian Heim <phreak@gentoo.org>
596 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
597 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
598 for reporting).
599
600 *hardened-sources-2.6.19 (13 Dec 2006)
601
602 13 Dec 2006; Christian Heim <phreak@gentoo.org>
603 +hardened-sources-2.6.19.ebuild:
604 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
605 Brad for providing that prompt update.
606
607 *hardened-sources-2.6.18-r3 (13 Dec 2006)
608
609 13 Dec 2006; Christian Heim <phreak@gentoo.org>
610 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
611 +hardened-sources-2.6.18-r3.ebuild:
612 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
613 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
614
615 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
616 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
617
618 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
619 Stable on ppc wrt bug 157356
620
621 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
622 hardened-sources-2.6.18.ebuild:
623 stable x86, bug #157356
624
625 *hardened-sources-2.6.18-r2 (06 Dec 2006)
626
627 06 Dec 2006; Christian Heim <phreak@gentoo.org>
628 +hardened-sources-2.6.18-r2.ebuild:
629 Revision bump, including 2.6.18.5 (via genpatches) and
630 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
631 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
632 redesign.
633
634 06 Dec 2006; Christian Heim <phreak@gentoo.org>
635 hardened-sources-2.6.18.ebuild:
636 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
637 of Mike Doty).
638
639 *hardened-sources-2.6.18-r1 (23 Nov 2006)
640
641 23 Nov 2006; Christian Heim <phreak@gentoo.org>
642 +hardened-sources-2.6.18-r1.ebuild:
643 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
644
645 *hardened-sources-2.6.18 (11 Nov 2006)
646
647 11 Nov 2006; Christian Heim <phreak@gentoo.org>
648 +hardened-sources-2.6.18.ebuild:
649 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
650
651 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
652 - mark amd64 stable also. bug #151877
653
654 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
655 - mark 2.6.17-r1 stable
656
657 27 Aug 2006; Christian Heim <phreak@gentoo.org>
658 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
659 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
660
661 *hardened-sources-2.6.17-r1 (26 Aug 2006)
662
663 26 Aug 2006; Christian Heim <phreak@gentoo.org>
664 +hardened-sources-2.6.17-r1.ebuild:
665 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
666 grsecurity patch.
667
668 *hardened-sources-2.6.17 (17 Aug 2006)
669
670 17 Aug 2006; Christian Heim <phreak@gentoo.org>
671 +hardened-sources-2.6.17.ebuild:
672 Bumping the hardened-sources-2.6 series to 2.6.17, using
673 genpatches-2.6.17-6.base.
674
675 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
676 - stable on x86 and amd64
677
678 *hardened-sources-2.6.16-r11 (15 Jul 2006)
679
680 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
681 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
682 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
683 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
684 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
685 crusty ebuilds
686
687 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
688 hardened-sources-2.6.16-r10.ebuild:
689 marking stable on x86 and amd64
690
691 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
692 - 2.4.32-r6 stable on x86. RSBAC state unknown
693
694 *hardened-sources-2.4.32-r7 (10 Jul 2006)
695
696 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
697 +hardened-sources-2.4.32-r7.ebuild:
698 Bump PaX for RSBAC to test-17
699
700 *hardened-sources-2.6.16-r9 (03 Jul 2006)
701
702 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
703 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
704 hardened-sources-2.6.16 bump to latest -base.
705
706 *hardened-sources-2.4.32-r6 (30 Jun 2006)
707
708 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
709 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
710 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
711 sysctl controlable resource logging
712
713 *hardened-sources-2.6.16-r7 (05 Jun 2006)
714
715 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
716 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
717 push new 2.6.16 release in preparation for stable
718
719 22 May 2006; <solar@gentoo.org> :
720 - redigest bug 134002
721
722 *hardened-sources-2.4.32-r5 (16 May 2006)
723
724 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
725 +hardened-sources-2.4.32-r5.ebuild:
726 Fixes rsbac common patching (new patch in new -r5 patchset)
727
728 *hardened-sources-2.4.32-r4 (13 May 2006)
729
730 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
731 +hardened-sources-2.4.32-r4.ebuild:
732 - security bumps
733
734 *hardened-sources-2.6.16-r6 (03 May 2006)
735
736 03 May 2006; John Mylchreest <johnm@gentoo.org>
737 +hardened-sources-2.6.16-r6.ebuild:
738 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
739
740 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
741 hardened-sources-2.6.14-r8.ebuild:
742 fix x86_64 build problem, this will delay the digest issue again for a short
743 while but it will sort itself out
744
745 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
746 hardened-sources-2.6.14-r8.ebuild:
747 bump hardened patchset
748
749 27 Apr 2006; Alec Warner <antarus@gentoo.org>
750 files/digest-hardened-sources-2.4.32-r2,
751 files/digest-hardened-sources-2.4.32-r3,
752 files/digest-hardened-sources-2.6.14-r8, Manifest:
753 Fixing duff SHA256 digests: Bug # 131293
754
755 *hardened-sources-2.6.16-r5 (27 Apr 2006)
756
757 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
758 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
759 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
760 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
761 cleanup of old uneccessary sources
762
763 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
764 fix digest
765
766 *hardened-sources-2.6.14-r8 (20 Apr 2006)
767
768 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
769 +hardened-sources-2.6.14-r8.ebuild:
770 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
771
772 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
773 Turning on gpg-signing again, and recomitting
774
775 *hardened-sources-2.6.16-r4 (20 Apr 2006)
776
777 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
778 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
779 +hardened-sources-2.6.16-r4.ebuild:
780 Fix numerous security vulns
781
782 *hardened-sources-2.4.32-r3 (16 Apr 2006)
783
784 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
785 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
786 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
787 - security bump for bug #112791. Removed old ebuilds
788
789 *hardened-sources-2.6.16-r3 (15 Apr 2006)
790
791 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
792 +hardened-sources-2.6.16-r3.ebuild:
793 Removing silly localversion which I missed
794
795 *hardened-sources-2.6.14-r7 (14 Apr 2006)
796
797 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
798 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
799 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
800
801 *hardened-sources-2.6.16-r2 (13 Apr 2006)
802
803 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
804 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
805 +hardened-sources-2.6.16-r2.ebuild:
806 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
807 labels, dropping USERGROUP define fixes, since these were merged mainstream.
808
809 *hardened-sources-2.6.16-r1 (11 Apr 2006)
810
811 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
812 +hardened-sources-2.6.16-r1.ebuild:
813 Bumping to include ppc build fix and 2.6.16.3
814
815 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
816 hardened-sources-2.6.14-r6.ebuild:
817 Stable on x86; bug #127718
818
819 *hardened-sources-2.6.16 (31 Mar 2006)
820
821 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
822 +hardened-sources-2.6.16.ebuild:
823 Bumping to new version of grsec, and kernel base. New squashfs. Based on
824 2.6.16.1
825
826 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
827 hardened-sources-2.6.14-r6.ebuild:
828 Stable on amd64, bug 127718.
829
830 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
831 Stable on ppc. Bug #127718
832
833 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
834 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
835 -hardened-sources-2.6.14-r4.ebuild:
836 Cleanup.
837
838 *hardened-sources-2.6.14-r6 (15 Mar 2006)
839
840 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
841 +hardened-sources-2.6.14-r6.ebuild:
842 Fixes grsec policy recreation bug and adds a
843 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
844
845 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
846 - stable on x86
847
848 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
849 hardened-sources-2.6.14-r5.ebuild:
850 Stable on ppc.
851
852 *hardened-sources-2.6.14-r5 (01 Feb 2006)
853
854 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
855 +hardened-sources-2.6.14-r5.ebuild:
856 fixing every known exploit
857
858 *hardened-sources-2.4.32-r2 (26 Jan 2006)
859
860 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
861 +hardened-sources-2.4.32-r2.ebuild:
862 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
863
864 *hardened-sources-2.6.14-r4 (12 Jan 2006)
865
866 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
867 - version bump for new genpatches which fix up a few sec holes
868
869 *hardened-sources-2.4.32-r1 (05 Jan 2006)
870
871 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
872 - revision bump to add misc vital linux kernel security patches.
873
874 *hardened-sources-2.6.14-r3 (30 Dec 2005)
875
876 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
877 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
878 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
879
880 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
881 hardened-sources-2.6.14-r2.ebuild:
882 making x86 & amd64 stable following testing.
883
884 *hardened-sources-2.6.14-r2 (27 Dec 2005)
885
886 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
887 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
888 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
889 network hooks.
890
891 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
892 hardened-sources-2.6.14-r1.ebuild:
893 bumping to stable early for sec fix on x86 & amd64
894
895 *hardened-sources-2.6.14-r1 (05 Dec 2005)
896
897 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
898 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
899 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
900
901 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
902 - stable on x86 security bug #114227 CAN-2005-3257
903
904 *hardened-sources-2.4.32 (19 Nov 2005)
905
906 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
907 +hardened-sources-2.4.32.ebuild:
908 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
909 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
910 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
911 rsbac >> /etc/portage/package.use)
912
913 *hardened-sources-2.6.14 (14 Nov 2005)
914
915 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
916 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
917 Bumping 2.6 series to 2.6.14.2
918
919 *hardened-sources-2.6.13-r2 (20 Oct 2005)
920
921 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
922 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
923 +hardened-sources-2.6.13-r2.ebuild:
924 Fixes minor build error in ppc.
925
926 *hardened-sources-2.6.13-r1 (17 Oct 2005)
927
928 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
929 +hardened-sources-2.6.13-r1.ebuild:
930 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
931 2.6.13.4, fixes some major amd64 stability problems.
932
933 *hardened-sources-2.6.13 (16 Sep 2005)
934
935 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
936 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
937 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
938 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
939 users should test this thoroughly.
940
941 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
942 - stable on x86
943
944 *hardened-sources-2.6.11-r15 (27 Jun 2005)
945
946 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
947 +hardened-sources-2.6.11-r15.ebuild:
948 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
949 grsec redefining curr_ip struct.
950
951 *hardened-sources-2.4.31 (20 Jun 2005)
952
953 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
954 initial import of 2.4.31 tree
955
956 *hardened-sources-2.6.11-r14 (14 Jun 2005)
957
958 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
959 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
960 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
961 naming scheme to abide by genpatches
962
963 *hardened-sources-2.6.11-r13 (18 May 2005)
964
965 18 May 2005; John Mylchreest <johnm@gentoo.org>
966 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
967 Managed to mangle the Makefile patch from grsec, to miss out the grsec
968 target. sorry about that. Fixes bug #93022
969
970 *hardened-sources-2.6.11-r12 (17 May 2005)
971
972 17 May 2005; John Mylchreest <johnm@gentoo.org>
973 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
974 +hardened-sources-2.6.11-r12.ebuild:
975 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
976 merges in genpatches-base
977
978 *hardened-sources-2.6.11-r12 (17 May 2005)
979
980 17 May 2005; John Mylchreest <johnm@gentoo.org>
981 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
982 +hardened-sources-2.6.11-r12.ebuild:
983 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
984 merges in genpatches-base
985
986 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
987 -files/2.4.27-cmdline-race.patch,
988 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
989 -files/2.4.28-grsec-binfmt_a.out.patch,
990 -files/2.4.28-grsec-cmdline-race.patch,
991 -files/2.4.28-selinux-binfmt_a.out.patch,
992 -files/2.4.28-selinux-cmdline-race.patch,
993 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
994 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
995 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
996 cleanup..
997
998 *hardened-sources-2.4.30-r1 (21 Apr 2005)
999
1000 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1001 - disable aout by default
1002
1003 *hardened-sources-2.4.30 (18 Apr 2005)
1004
1005 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1006 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1007 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1008 use
1009
1010 *hardened-sources-2.4.29 (30 Mar 2005)
1011
1012 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1013 +hardened-sources-2.4.29.ebuild:
1014 New hardened-patches-2.4-29.0 patchball.
1015 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1016
1017 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1018
1019 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1020 +hardened-sources-2.4.28-r5.ebuild:
1021 Added a fix for a PaX vulnerability.
1022
1023 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1024 hardened-sources-2.4.28-r4.ebuild:
1025 Stable on x86
1026
1027 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1028 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1029 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1030 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1031 - fixed/added RDEPEND= in all kernel-2 ebuilds
1032
1033 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1034
1035 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1036 +hardened-sources-2.4.28-r4.ebuild:
1037 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1038 backport of neighbour hash updates.
1039
1040 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1041 hardened-sources-2.4.28-r3.ebuild:
1042 Stable on x86
1043
1044 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1045
1046 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1047 +hardened-sources-2.6.10-r3.ebuild:
1048 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1049 in 2005.0
1050
1051 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1052 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1053 hardened-sources-2.4.28-r2.ebuild:
1054 Mark stable on x86
1055
1056 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1057
1058 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1059 +hardened-sources-2.4.28-r3.ebuild:
1060 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1061
1062 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1063 hardened-sources-2.4.28.ebuild:
1064 Mark stable on x86.
1065
1066 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1067
1068 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1069 +hardened-sources-2.4.28-r2.ebuild:
1070 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1071 Mazinger for grsecurity patches as well.
1072
1073 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1074
1075 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1076 Security bump. Thank tocharian for rolling a new patchset...
1077
1078 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1079 +files/2.4.28-grsec-cmdline-race.patch,
1080 +files/2.4.28-selinux-binfmt_a.out.patch,
1081 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1082 - Round up remaining security patches that appear to be missing in 2.4.28. -
1083 PaX standalone updated to current. hgpv=28.1
1084
1085 *hardened-sources-2.4.28 (28 Nov 2004)
1086
1087 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1088 security bump. Thank tocharian for rolling a new patchset
1089
1090 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1091
1092 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1093 +hardened-sources-2.4.27-r3.ebuild:
1094 Applies the new 2.4-27.2 patchball which updates
1095 GRSecurity to the 2.0.1 version.
1096
1097 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1098
1099 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1100 +hardened-sources-2.4.27-r2.ebuild:
1101 Version bump.
1102 This version uses the new 2.4-27.1 patchball which updates
1103 both the SELinux PaX hooks patch and the SELinux headers.
1104
1105 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1106
1107 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1108 +hardened-sources-2.4.27-r1.ebuild,
1109 -hardened-sources-2.4.27.ebuild,
1110 +files/2.4.27-cmdline-race.patch:
1111 Version bump, fix for cmdline race. See bug #59905.
1112
1113 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1114
1115 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1116 +hardened-sources-2.4.26-r6.ebuild,
1117 -hardened-sources-2.4.26-r5.ebuild,
1118 -hardened-sources-2.4.26-r4.ebuild,
1119 +files/2.4.26-cmdline-race.patch:
1120 Version bump, fix for cmdline race. See bug #59905.
1121
1122 *hardened-sources-2.4.27 (08 Aug 2004)
1123
1124 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1125 +hardened-sources-2.4.27.ebuild,
1126 +files/2.4.27-CAN-2004-0394.patch:
1127 Ported the patchball to the 2.4.27 kernel version.
1128
1129 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1130
1131 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1132 +hardened-sources-2.4.26-r5.ebuild:
1133 Updated to use the new hardened-patches-2.4-26.1 patchball.
1134 It adds the following features:
1135 - Squashfs
1136 - Ebtables
1137 - Netdev random (core+drivers)
1138 - Watchdog Timer (WDT) fix.
1139
1140 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1141
1142 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1143 +hardened-sources-2.4.26-r4.ebuild,
1144 +files/2.4.26-CAN-2004-0415.patch,
1145 -hardened-sources-2.4.26-3:
1146 Version bump, fix for CAN 0415, see bug #59378.
1147
1148 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1149
1150 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1151 +hardened-sources-2.4.26-r3.ebuild,
1152 +files/2.4.26-CAN-2004-0497.patch,
1153 -hardened-sources-2.4.26-r2.ebuild:
1154 Version bump, fixed CAN 0497, see bug #56171.
1155
1156 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1157
1158 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1159 +hardened-sources-2.4.26-r2.ebuild,
1160 +files/2.4.26-CAN-2004-0495.patch,
1161 +files/2.4.26-CAN-2004-0535.patch,
1162 -hardened-sources-2.4.26-r1.ebuild:
1163 Fixes for both CAN 0495 and 0535, see bug #54976
1164
1165 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1166 hardened-sources-2.4.26-r1.ebuild:
1167 QA - fix use invocation
1168
1169 *hardened-sources-2.4.26-r1 (22 June 2004)
1170
1171 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1172 +hardened-sources-2.4.26-r1.ebuild,
1173 +files/2.4.26-CAN-2004-0394.patch,
1174 +files/2.4.26-signal-race.patch,
1175 -hardened-sources-2.4.26.ebuild,
1176 -hardened-sources-2.4.24-r3.ebuild:
1177 Version bump for the CAN-2004-0394 issue and bug #53804
1178 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1179
1180
1181 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1182 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1183 Masked hardened-sources-2.4.26.ebuild broken for ppc
1184
1185 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1186 hardened-sources-2.4.24-r3.ebuild:
1187 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1188
1189 *hardened-sources-2.4.26 (29 May 2004)
1190
1191 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1192 +hardened-sources-2.4.26.ebuild:
1193 Updated hardened-sources for the 2.4.26 kernel
1194 Removed broken components, updated almost everything.
1195
1196 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1197
1198 17 Apr 2004; <plasmaroo@gentoo.org>
1199 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1200 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1201 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1202 +hardened-sources-2.4.24-r3.ebuild:
1203 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1204 vulnerabilities. Old revisions removed.
1205
1206 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1207
1208 15 Apr 2004; <plasmaroo@gentoo.org>
1209 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1210 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1211 Version bump for the CAN-2004-0109 issue; bug #47881.
1212
1213 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1214 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1215 Add eutils to inherit.
1216
1217 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1218
1219 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1220 files/hardened-sources-2.4.24.munmap.patch:
1221 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1222
1223 *hardened-sources-2.4.24 (06 Feb 2004)
1224
1225 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1226 hardened-sources-2.4.24.ebuild:
1227 Version bump, updated most of the components.
1228 This release includes the following:
1229
1230 - Hardened security
1231 - Netfilter patch-o-matic 20031219
1232 - FreeSWAN 2.04 & x509 1.4.8
1233 - EVMS 2.2.2
1234 - XFS 1.3.1
1235 - cryptoloop jari
1236 - grsecurity 2.0-rc4
1237 - SELinux
1238 - PaX 200402060000
1239 - PaX Obscurity 200308302223
1240 - Others...
1241
1242 Neither -ck nor systrace are included anymore.
1243
1244 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1245
1246 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1247 hardened-sources-2.4.22-r2.ebuild:
1248 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1249
1250 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1251
1252 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1253 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1254
1255 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1256 hardened-sources-2.4.22-r1.ebuild:
1257 Version bump for the 'do_brk' vulnerability.
1258
1259 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1260 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1261 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1262 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1263 Fix the 'do_brk' vulnerability.
1264
1265 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1266 hardened-sources-2.4.22.ebuild:
1267 - Removed the src_install() portion for SELinux flask
1268 components. These are no longer handled in the kernel
1269 so this code was not necessary.
1270
1271 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1272 New 2.4.22 based hardened-sources thanks to
1273 Phil West <p.west@computer.org>.
1274
1275 These sources include:
1276 - New SELinux API
1277 - Updated CK-base
1278 - Updated GRSec
1279 - Systrace
1280 - SuperFreeS/WAN 1.99.8
1281 - Propolice kernel build support
1282 - EVMS
1283 - Other various security related patches
1284
1285 *hardened-sources-2.4.21 (14 Sep 2003)
1286
1287 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1288 Updated hardened-sources based on the 2.4.21 Linux kernel.
1289 This includes updates to most major components such as:
1290 - ck-base-0306300059
1291 - selinux-2.4-2003071106
1292 - grsecurity-2.0-rc1
1293 - Updated IPTables patch-o-matic
1294 - Updated SuperFreeS/WAN
1295
1296 Thanks to Phil West <pwest@computer.org> for his work in getting this
1297 updated patch set ready for the 2.4.21 based kernel.
1298
1299 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1300 Initial import of hardened-sources-2.4.20-r4. This revision
1301 includes only a few changes, but one of these is an important
1302 security fix. It is recommended all users of hardened-sources
1303 upgrade to this release.
1304
1305 - ioperm bug fix
1306 - fixed compilation failure when building without GRSec
1307
1308 SAL (Secure Auditing for Linux) is NOT included in this revision
1309 due to time constraints, but is planned for inclusion in the near
1310 future.
1311
1312 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1313
1314 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1315 hardened-sources-2.4.20-r3.ebuild:
1316 Add Header...
1317
1318 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1319 hardened-sources-2.4.20-r3.ebuild:
1320 Removed warnings from ebuild. This kernel should be safe to
1321 use at this point.
1322
1323 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1324
1325 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1326 hardened-sources-2.4.20-r3.ebuild:
1327 New revision. Includes the following changes over -r2:
1328
1329 - ck7-base (O(1), preempt, low latency)
1330 - Super FreeS/WAN 1.99.7rc2
1331 - PaX for the LSM/SELinux branch
1332 - GRSecurity 2.0-pre4 (role based access control)
1333 - Systrace 1.3
1334 - EXT3 fixes
1335 - EVMS 2.0.1
1336 - GCC 3.1+ compile optimizations
1337 - ProPolice kernel build support
1338 - Hashing table security fixes
1339
1340 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1341
1342 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1343 Initial import of hardened-sources-r2. This new
1344 ebuild includes many new performance and security
1345 related patches. As in -r1, it will patch in
1346 LSM/SELinux if "selinux" is in USE, otherwise it
1347 will patch in GRSecurity. The following patches
1348 are included in this revision:
1349
1350 - O(1) Scheduler, Low Latency, and Preempt
1351 (pulled from the base CK patch)
1352 - ptrace exploit patch for the LSM kernel
1353 (the GRSec patch already fixes this)
1354 - LSM 2.4-2003040709
1355 - SELinux 2.4-2003040709
1356 - Systrace v1.2
1357 - IPTables patch-o-matic base patches - 20030107
1358 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1359 - Super FreeS/WAN 1.99.6.1
1360 - GRSecurity 1.9.9g
1361 - MPPE
1362 - EXT3 data journal fix
1363 - CIPE 1.5.4
1364
1365 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1366 hardened-sources-2.4.20-r1.ebuild, manifest:
1367 Updated to install flask components correctly for selinux.
1368
1369 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1370 hardened-sources-2.4.20-r1.ebuild:
1371 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1372 is patched in instead. Ptrace patches for selinux have also been added. In
1373 either case, systrace support will be patched in as well.
1374
1375 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1376 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1377 Revision bump for new sources.
1378
1379 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1380 hardened-sources-2.4.20-r1.ebuild:
1381 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1382
1383 *hardened-sources-2.4.20 (30 Mar 2003)
1384
1385 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1386 hardened-sources-2.4.20.ebuild:
1387 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20