/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.225 - (show annotations) (download)
Thu May 15 15:35:54 2008 UTC (7 years, 1 month ago) by solar
Branch: MAIN
Changes since 1.224: +4 -1 lines
- fasttrack to stable x86/amd64
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.224 2008/05/11 10:58:14 swegener Exp $
4
5 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
6 - fasttrack to stable x86/amd64
7
8 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
9 Fix broken digest for linux-2.6.24.tar.bz2.
10
11 *hardened-sources-2.6.24-r2 (11 May 2008)
12 *hardened-sources-2.6.23-r12 (11 May 2008)
13
14 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
15 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
16 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
17 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
18 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
19 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
20 security bugs 219901, 220691, 220975, 220979, 221123. New
21 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
22 should be removed as far as I'm concerned, everything else remove due to
23 vulnerable to numerous security bugs or brokeness.
24
25 10 May 2008; nixnut <nixnut@gentoo.org>
26 hardened-sources-2.6.23-r11.ebuild:
27 Stable on ppc
28
29 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
30 - -r11 stable on x86/amd64
31
32 *hardened-sources-2.6.23-r11 (01 May 2008)
33
34 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
35 - version bump to fix ulgy linux bugs
36
37 *hardened-sources-2.6.24-r1 (30 Apr 2008)
38
39 30 Apr 2008; Christian Heim <phreak@gentoo.org>
40 +hardened-sources-2.6.24-r1.ebuild:
41 Revision bump (thanks to Kerin and Gordon, again), pulling
42 genpatches-2.6.24-7, solving #219089. Additionally contains further security
43 fixes plus some minor updates.
44
45 *hardened-sources-2.6.23-r10 (30 Apr 2008)
46
47 30 Apr 2008; Christian Heim <phreak@gentoo.org>
48 +hardened-sources-2.6.23-r10.ebuild:
49 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
50 Additional contains "various other fixes".
51
52 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
53 Update the longdescription in metadata, thanks to Gordon Malm.
54
55 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
56 Stable on ppc wrt bug #213255
57
58 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
59 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
60 - stable on x86/amd64 per request. Removed obsolete ebuilds
61
62 *hardened-sources-2.6.24 (07 Apr 2008)
63
64 07 Apr 2008; Christian Heim <phreak@gentoo.org>
65 +hardened-sources-2.6.24.ebuild:
66 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
67 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
68 for the many contributions and their continued effort in #216612) based on
69 2.6.24 and genpatches-2.6.24-5.
70
71 The current ebuild/patchset contains these things:
72 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
73 * Introduces bespoke server and workstation oriented security levels
74 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
75
76 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
77 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
78 maintaining it).
79
80 24 Mar 2008; Christian Heim <phreak@gentoo.org>
81 hardened-sources-2.4.35-r2.ebuild:
82 Fixing SRC_URI for 2.4.35-r2.
83
84 *hardened-sources-2.6.23-r9 (22 Mar 2008)
85
86 22 Mar 2008; Christian Heim <phreak@gentoo.org>
87 +hardened-sources-2.6.23-r9.ebuild:
88 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
89 * Change the default GIDs for some grsecurity options
90 * Revamp the Hardened [Gentoo] security level and make it the default level
91 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
92 * Fix a recursive lock -- call to capable() within ptrace_attach()
93 * Fix bug that allows audit and iscsi operations to be controlled via netlink
94
95 *hardened-sources-2.6.23-r8 (27 Feb 2008)
96
97 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
98 - version bump from Kerin Millar bug 210026
99
100 17 Feb 2008; <solar@gentoo.org> metadata.xml,
101 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
102 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
103 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
104 - stable on x86 and remove old ebuilds
105
106 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
107 - stable on amd64 per request of amd64 lead
108
109 *hardened-sources-2.6.23-r7 (11 Feb 2008)
110
111 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
112 - version bump from kerin.millar
113 Changes:
114
115 * Bump to genpatches-base-2.6.23-9
116 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
117 * Disables COMPAT_VDSO in x86/defconfig
118 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
119
120 25 Jan 2008; Christian Heim <phreak@gentoo.org>
121 -hardened-sources-2.6.22-r8.ebuild:
122 Cleaning up old versions.
123
124 *hardened-sources-2.6.23-r6 (25 Jan 2008)
125
126 25 Jan 2008; Christian Heim <phreak@gentoo.org>
127 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
128 Revision bump, pulling in the latest genpatches.
129
130 *hardened-sources-2.6.23-r5 (24 Dec 2007)
131
132 24 Dec 2007; Christian Heim <phreak@gentoo.org>
133 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
134 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
135 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
136 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
137
138 24 Dec 2007; Christian Heim <phreak@gentoo.org>
139 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
140 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
141 -hardened-sources-2.6.23-r3.ebuild:
142 Cleaning out some unused, old versions.
143
144 24 Dec 2007; Christian Heim <phreak@gentoo.org>
145 hardened-sources-2.6.23-r4.ebuild:
146 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
147 in the tree for long, but there isn't much of a difference between this and
148 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
149
150 *hardened-sources-2.6.23-r4 (23 Dec 2007)
151
152 23 Dec 2007; Christian Heim <phreak@gentoo.org>
153 +hardened-sources-2.6.23-r4.ebuild:
154 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
155
156 *hardened-sources-2.6.23-r3 (04 Dec 2007)
157
158 04 Dec 2007; Christian Heim <phreak@gentoo.org>
159 +hardened-sources-2.6.23-r3.ebuild:
160 Revision bump, pulling in 2.6.23.9.
161
162 *hardened-sources-2.6.23-r2 (25 Nov 2007)
163
164 25 Nov 2007; Christian Heim <phreak@gentoo.org>
165 +hardened-sources-2.6.23-r2.ebuild:
166 Updated patchset, thanks to solar.
167
168 *hardened-sources-2.6.23-r1 (31 Oct 2007)
169
170 31 Oct 2007; Christian Heim <phreak@gentoo.org>
171 +hardened-sources-2.6.23-r1.ebuild:
172 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
173
174 29 Oct 2007; <solar@gentoo.org> metadata.xml:
175 - update metadata.xml
176
177 25 Oct 2007; Christian Heim <phreak@gentoo.org>
178 hardened-sources-2.6.22-r8.ebuild:
179 Marking 2.6.22-r8 stable on amd64 and x86.
180
181 21 Oct 2007; Christian Heim <phreak@gentoo.org>
182 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
183 -hardened-sources-2.6.21-r4.ebuild:
184 Removing old ebuilds.
185
186 *hardened-sources-2.4.35-r2 (21 Oct 2007)
187
188 21 Oct 2007; Christian Heim <phreak@gentoo.org>
189 +hardened-sources-2.4.35-r2.ebuild:
190 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
191 patches.
192
193 *hardened-sources-2.6.22-r8 (21 Oct 2007)
194
195 21 Oct 2007; Christian Heim <phreak@gentoo.org>
196 +hardened-sources-2.6.22-r8.ebuild:
197 Yet another new patch, hopefully fixing the remaining issues we had w/
198 2.6.22. Candidate for stabling.
199
200 *hardened-sources-2.6.23 (13 Oct 2007)
201
202 13 Oct 2007; Christian Heim <phreak@gentoo.org>
203 +hardened-sources-2.6.23.ebuild:
204 Initial hardened-sources-2.6.23. If people still have problems w/ bug
205 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
206
207 11 Oct 2007; Christian Heim <phreak@gentoo.org>
208 hardened-sources-2.6.20-r10.ebuild:
209 Pulling in yet another new genpatches version, fixing the PWC bug for real.
210
211 04 Oct 2007; Christian Heim <phreak@gentoo.org>
212 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
213 Removing old versions.
214
215 *hardened-sources-2.6.22-r7 (01 Oct 2007)
216
217 01 Oct 2007; Christian Heim <phreak@gentoo.org>
218 +hardened-sources-2.6.22-r7.ebuild:
219 Revision bump, pulling in a newer patch. Should fix #194276.
220
221 30 Sep 2007; Christian Heim <phreak@gentoo.org>
222 hardened-sources-2.6.20-r10.ebuild:
223 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
224 Mike Doty).
225
226 *hardened-sources-2.6.22-r6 (26 Sep 2007)
227
228 26 Sep 2007; Christian Heim <phreak@gentoo.org>
229 +hardened-sources-2.6.22-r6.ebuild:
230 Revision bump, grabbing up till Linux 2.6.22.9.
231
232 24 Sep 2007; Christian Heim <phreak@gentoo.org>
233 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
234 Cleaning up further.
235
236 *hardened-sources-2.6.20-r10 (24 Sep 2007)
237
238 24 Sep 2007; Christian Heim <phreak@gentoo.org>
239 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
240 +hardened-sources-2.6.20-r10.ebuild:
241 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
242 revisions.
243
244 *hardened-sources-2.6.22-r5 (22 Sep 2007)
245
246 22 Sep 2007; Christian Heim <phreak@gentoo.org>
247 +hardened-sources-2.6.22-r5.ebuild:
248 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
249
250 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
251 Removing johnm from metadata.xml (see #186467 for reference).
252
253 *hardened-sources-2.6.22-r4 (17 Sep 2007)
254
255 17 Sep 2007; Christian Heim <phreak@gentoo.org>
256 +hardened-sources-2.6.22-r4.ebuild:
257 Revision bump, hopefully fixing all those weird PAX failures.
258
259 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
260 Updating the metadata.xml.
261
262 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
263 Removing tocharian from metadata due to his retirement (see #71718 for
264 reference).
265
266 *hardened-sources-2.6.20-r9 (30 Aug 2007)
267
268 30 Aug 2007; Christian Heim <phreak@gentoo.org>
269 +hardened-sources-2.6.20-r9.ebuild:
270 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
271
272 29 Aug 2007; Christian Heim <phreak@gentoo.org>
273 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
274 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
275 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
276 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
277 -hardened-sources-2.6.22-r2.ebuild:
278 Removing some redundant versions.
279
280 *hardened-sources-2.4.35-r1 (29 Aug 2007)
281
282 29 Aug 2007; Christian Heim <phreak@gentoo.org>
283 +hardened-sources-2.4.35-r1.ebuild:
284 Revision bump, new grsecurity patch.
285
286 *hardened-sources-2.6.20-r8 (26 Aug 2007)
287
288 26 Aug 2007; Christian Heim <phreak@gentoo.org>
289 +hardened-sources-2.6.20-r8.ebuild:
290 Revision bump for Linux 2.6.20.17.
291
292 *hardened-sources-2.6.22-r3 (22 Aug 2007)
293
294 22 Aug 2007; Christian Heim <phreak@gentoo.org>
295 +hardened-sources-2.6.22-r3.ebuild:
296 Revision bump for Linux 2.6.22.4.
297
298 16 Aug 2007; Christian Heim <phreak@gentoo.org>
299 hardened-sources-2.6.22-r2.ebuild:
300 Updated patchset, to fix the alignment against 2.6.22.3.
301
302 *hardened-sources-2.6.22-r2 (16 Aug 2007)
303
304 16 Aug 2007; Christian Heim <phreak@gentoo.org>
305 +hardened-sources-2.6.22-r2.ebuild:
306 Revision bump for Linux 2.6.22.3.
307
308 *hardened-sources-2.4.35 (16 Aug 2007)
309
310 16 Aug 2007; Christian Heim <phreak@gentoo.org>
311 +hardened-sources-2.4.35.ebuild:
312 Version bump, initial version for Linux 2.4.35.
313
314 *hardened-sources-2.6.21-r4 (16 Aug 2007)
315
316 16 Aug 2007; Christian Heim <phreak@gentoo.org>
317 +hardened-sources-2.6.21-r4.ebuild:
318 Revision bump for Linux 2.6.21.6.
319
320 *hardened-sources-2.6.20-r7 (16 Aug 2007)
321
322 16 Aug 2007; Christian Heim <phreak@gentoo.org>
323 +hardened-sources-2.6.20-r7.ebuild:
324 Revision bump for Linux 2.6.20.16.
325
326 *hardened-sources-2.6.22-r1 (13 Aug 2007)
327
328 13 Aug 2007; Christian Heim <phreak@gentoo.org>
329 +hardened-sources-2.6.22-r1.ebuild:
330 Yet another revision bump.
331
332 *hardened-sources-2.6.22 (10 Aug 2007)
333
334 10 Aug 2007; Christian Heim <phreak@gentoo.org>
335 +hardened-sources-2.6.22.ebuild:
336 Initial release for 2.6.22. If you are using hardened-sources on a desktop
337 machine (P4 or newer), be aware you might need to disable
338 CONFIG_PAX_PAGEEXEC.
339
340 04 Aug 2007; Christian Heim <phreak@gentoo.org>
341 hardened-sources-2.6.20-r6.ebuild:
342 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
343 2.6.20.15.
344
345 10 Jul 2007; Christian Heim <phreak@gentoo.org>
346 hardened-sources-2.6.20-r5.ebuild:
347 Marking hardened-sources-2.6.20-r5 stable on ppc.
348
349 10 Jul 2007; Christian Heim <phreak@gentoo.org>
350 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
351 Cleanup.
352
353 *hardened-sources-2.6.20-r6 (08 Jul 2007)
354
355 08 Jul 2007; Christian Heim <phreak@gentoo.org>
356 +hardened-sources-2.6.20-r6.ebuild:
357 Revision bump, grabbing yet another stable release.
358
359 17 Jun 2007; Christian Heim <phreak@gentoo.org>
360 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
361 -hardened-sources-2.6.21-r2.ebuild:
362 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
363 alpha stable KEYWORD by mistake.
364
365 17 Jun 2007; Christian Heim <phreak@gentoo.org>
366 hardened-sources-2.6.20-r5.ebuild:
367 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
368 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
369
370 *hardened-sources-2.6.21-r3 (12 Jun 2007)
371
372 12 Jun 2007; Christian Heim <phreak@gentoo.org>
373 +hardened-sources-2.6.21-r3.ebuild:
374 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
375 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
376 love.
377
378 *hardened-sources-2.6.20-r5 (11 Jun 2007)
379
380 11 Jun 2007; Christian Heim <phreak@gentoo.org>
381 +hardened-sources-2.6.20-r5.ebuild:
382 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
383 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
384 love.
385
386 *hardened-sources-2.4.34.5 (11 Jun 2007)
387
388 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
389 +hardened-sources-2.4.34.5.ebuild:
390 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
391
392 30 May 2007; Christian Heim <phreak@gentoo.org>
393 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
394 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
395 stale ebuild(s).
396
397 30 May 2007; Christian Heim <phreak@gentoo.org>
398 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
399 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
400 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
401 Doing some cleanups, remove stale ebuilds.
402
403 26 May 2007; Christian Heim <phreak@gentoo.org>
404 hardened-sources-2.6.21-r2.ebuild:
405 Fixing the grsecurity patch, had one '};' too much.
406
407 *hardened-sources-2.6.21-r2 (26 May 2007)
408
409 26 May 2007; Christian Heim <phreak@gentoo.org>
410 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
411 +hardened-sources-2.6.21-r2.ebuild:
412 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
413 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
414
415 *hardened-sources-2.6.20-r4 (26 May 2007)
416
417 26 May 2007; Christian Heim <phreak@gentoo.org>
418 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
419 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
420 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
421
422 15 May 2007; Christian Heim <phreak@gentoo.org>
423 hardened-sources-2.6.20-r3.ebuild:
424 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
425 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
426 grsecurity patch fail in that exact same hunk.
427
428 *hardened-sources-2.6.20-r3 (15 May 2007)
429
430 15 May 2007; Christian Heim <phreak@gentoo.org>
431 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
432 Revision bump, incorporating Linux 2.6.20.11.
433
434 *hardened-sources-2.6.21-r1 (11 May 2007)
435
436 11 May 2007; Christian Heim <phreak@gentoo.org>
437 +hardened-sources-2.6.21-r1.ebuild:
438 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
439 mentioned in #177234.
440
441 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
442 files/digest-hardened-sources-2.6.21, Manifest:
443 Fix Manifest/digest for linux-2.6.21.tar.bz2
444
445 06 May 2007; Christian Heim <phreak@gentoo.org>
446 hardened-sources-2.6.21.ebuild:
447 Bumping the hardened-patches version, needed for the fix for #177234.
448
449 *hardened-sources-2.6.21 (02 May 2007)
450
451 02 May 2007; Christian Heim <phreak@gentoo.org>
452 +hardened-sources-2.6.21.ebuild:
453 Version bump, Linux 2.6.21-hardened.
454
455 29 Apr 2007; Christian Heim <phreak@gentoo.org>
456 hardened-sources-2.6.20-r2.ebuild:
457 Adding ~ia64 on Ned's request.
458
459 29 Apr 2007; Christian Heim <phreak@gentoo.org>
460 hardened-sources-2.6.20-r2.ebuild:
461 Fixing the included grsecurity patch, wasn't alligning due to the Index:
462 header line(s).
463
464 29 Apr 2007; Christian Heim <phreak@gentoo.org>
465 hardened-sources-2.6.20-r2.ebuild:
466 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
467
468 *hardened-sources-2.6.20-r2 (10 Apr 2007)
469
470 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
471 +hardened-sources-2.6.20-r2.ebuild:
472 Version bump, on behalf of phreak
473
474 *hardened-sources-2.6.20-r1 (04 Apr 2007)
475
476 04 Apr 2007; Christian Heim <phreak@gentoo.org>
477 +hardened-sources-2.6.20-r1.ebuild:
478 Revision bump, grabbing a newer grsecurity snapshot.
479
480 *hardened-sources-2.6.20 (25 Mar 2007)
481
482 25 Mar 2007; Christian Heim <phreak@gentoo.org>
483 +hardened-sources-2.6.20.ebuild:
484 Finally a hardened-sources version for 2.6.20; many people have been waiting
485 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
486 testbox.
487
488 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
489 hardened-sources-2.6.18-r6.ebuild:
490 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
491
492 *hardened-sources-2.6.18-r6 (16 Mar 2007)
493
494 16 Mar 2007; Christian Heim <phreak@gentoo.org>
495 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
496 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
497 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
498 supposed to be.
499
500 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
501 Fixing the Manifest, the previous one was broken (as in still had the
502 deleted ebuild in it).
503
504 06 Mar 2007; Christian Heim <phreak@gentoo.org>
505 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
506 +hardened-sources-2.6.18-r5.ebuild:
507 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
508 Linux 2.6.18.8. Also cleaning up the older version.
509
510 *hardened-sources-2.6.18-r5 (06 Mar 2007)
511
512 06 Mar 2007; Christian Heim <phreak@gentoo.org>
513 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
514 +hardened-sources-2.6.18-r5.ebuild:
515 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
516 Linux 2.6.18.8. Also cleaning up the older version.
517
518 24 Feb 2007; Christian Heim <phreak@gentoo.org>
519 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
520 -hardened-sources-2.6.19-r5.ebuild:
521 Removing some of the old version, that didn't work.
522
523 *hardened-sources-2.6.19-r6 (12 Feb 2007)
524
525 12 Feb 2007; Christian Heim <phreak@gentoo.org>
526 +hardened-sources-2.6.19-r6.ebuild:
527 Revision bump, including a new grsec version fixing #166235.
528
529 *hardened-sources-2.4.34 (24 Jan 2007)
530
531 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
532 Manifest:
533 updating Manifest with checksums of new tarball and ebuild
534
535 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
536 +hardened-sources-2.4.34.ebuild:
537 I added new hardened sources 2.4 update, this is a critical path
538 security bugfix - all users of h-s are strongly advised
539 to update their existing hardened sources to this version.
540 It contains a fix for a kernel vulnerability that is pertaining
541 to the PaX changes to virtual memory management, possibly leading
542 to a local kernel exploit ... see grsecurity.net forums and homepage
543
544 23 Jan 2007; Christian Heim <phreak@gentoo.org>
545 files/digest-hardened-sources-2.6.19-r5, Manifest:
546 Fixing the patch-tarball digest.
547
548 *hardened-sources-2.6.19-r5 (23 Jan 2007)
549
550 23 Jan 2007; Christian Heim <phreak@gentoo.org>
551 +hardened-sources-2.6.19-r5.ebuild:
552 Revision bump, closing the recently discovered PaX expand_stack()
553 vulnerability.
554
555 *hardened-sources-2.6.19-r4 (14 Jan 2007)
556
557 14 Jan 2007; Christian Heim <phreak@gentoo.org>
558 +hardened-sources-2.6.19-r4.ebuild:
559 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
560 dropping the randomized PID feature.
561
562 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
563 hardened-sources-2.4.33.4.ebuild:
564 stable x86, bug #161171
565
566 *hardened-sources-2.6.19-r3 (27 Dec 2006)
567
568 27 Dec 2006; Christian Heim <phreak@gentoo.org>
569 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
570 Revision bump for bug #157186 and #158786.
571
572 *hardened-sources-2.6.18-r4 (27 Dec 2006)
573
574 27 Dec 2006; Christian Heim <phreak@gentoo.org>
575 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
576 Revision bump for bug #157186.
577
578 *hardened-sources-2.6.19-r2 (23 Dec 2006)
579
580 23 Dec 2006; Christian Heim <phreak@gentoo.org>
581 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
582 Revision bump to pull in genpatches-2.6.19-3 for #157186.
583
584 17 Dec 2006; Christian Heim <phreak@gentoo.org>
585 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
586 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
587 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
588 hardened-sources-2.6.19-r1.ebuild:
589 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
590 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
591
592 *hardened-sources-2.4.33.4 (17 Dec 2006)
593
594 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
595 +hardened-sources-2.4.33.4.ebuild:
596 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
597 and quilting
598
599 *hardened-sources-2.6.19-r1 (14 Dec 2006)
600
601 14 Dec 2006; Christian Heim <phreak@gentoo.org>
602 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
603 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
604 for reporting).
605
606 *hardened-sources-2.6.19 (13 Dec 2006)
607
608 13 Dec 2006; Christian Heim <phreak@gentoo.org>
609 +hardened-sources-2.6.19.ebuild:
610 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
611 Brad for providing that prompt update.
612
613 *hardened-sources-2.6.18-r3 (13 Dec 2006)
614
615 13 Dec 2006; Christian Heim <phreak@gentoo.org>
616 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
617 +hardened-sources-2.6.18-r3.ebuild:
618 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
619 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
620
621 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
622 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
623
624 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
625 Stable on ppc wrt bug 157356
626
627 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
628 hardened-sources-2.6.18.ebuild:
629 stable x86, bug #157356
630
631 *hardened-sources-2.6.18-r2 (06 Dec 2006)
632
633 06 Dec 2006; Christian Heim <phreak@gentoo.org>
634 +hardened-sources-2.6.18-r2.ebuild:
635 Revision bump, including 2.6.18.5 (via genpatches) and
636 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
637 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
638 redesign.
639
640 06 Dec 2006; Christian Heim <phreak@gentoo.org>
641 hardened-sources-2.6.18.ebuild:
642 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
643 of Mike Doty).
644
645 *hardened-sources-2.6.18-r1 (23 Nov 2006)
646
647 23 Nov 2006; Christian Heim <phreak@gentoo.org>
648 +hardened-sources-2.6.18-r1.ebuild:
649 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
650
651 *hardened-sources-2.6.18 (11 Nov 2006)
652
653 11 Nov 2006; Christian Heim <phreak@gentoo.org>
654 +hardened-sources-2.6.18.ebuild:
655 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
656
657 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
658 - mark amd64 stable also. bug #151877
659
660 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
661 - mark 2.6.17-r1 stable
662
663 27 Aug 2006; Christian Heim <phreak@gentoo.org>
664 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
665 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
666
667 *hardened-sources-2.6.17-r1 (26 Aug 2006)
668
669 26 Aug 2006; Christian Heim <phreak@gentoo.org>
670 +hardened-sources-2.6.17-r1.ebuild:
671 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
672 grsecurity patch.
673
674 *hardened-sources-2.6.17 (17 Aug 2006)
675
676 17 Aug 2006; Christian Heim <phreak@gentoo.org>
677 +hardened-sources-2.6.17.ebuild:
678 Bumping the hardened-sources-2.6 series to 2.6.17, using
679 genpatches-2.6.17-6.base.
680
681 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
682 - stable on x86 and amd64
683
684 *hardened-sources-2.6.16-r11 (15 Jul 2006)
685
686 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
687 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
688 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
689 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
690 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
691 crusty ebuilds
692
693 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
694 hardened-sources-2.6.16-r10.ebuild:
695 marking stable on x86 and amd64
696
697 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
698 - 2.4.32-r6 stable on x86. RSBAC state unknown
699
700 *hardened-sources-2.4.32-r7 (10 Jul 2006)
701
702 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
703 +hardened-sources-2.4.32-r7.ebuild:
704 Bump PaX for RSBAC to test-17
705
706 *hardened-sources-2.6.16-r9 (03 Jul 2006)
707
708 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
709 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
710 hardened-sources-2.6.16 bump to latest -base.
711
712 *hardened-sources-2.4.32-r6 (30 Jun 2006)
713
714 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
715 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
716 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
717 sysctl controlable resource logging
718
719 *hardened-sources-2.6.16-r7 (05 Jun 2006)
720
721 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
722 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
723 push new 2.6.16 release in preparation for stable
724
725 22 May 2006; <solar@gentoo.org> :
726 - redigest bug 134002
727
728 *hardened-sources-2.4.32-r5 (16 May 2006)
729
730 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
731 +hardened-sources-2.4.32-r5.ebuild:
732 Fixes rsbac common patching (new patch in new -r5 patchset)
733
734 *hardened-sources-2.4.32-r4 (13 May 2006)
735
736 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
737 +hardened-sources-2.4.32-r4.ebuild:
738 - security bumps
739
740 *hardened-sources-2.6.16-r6 (03 May 2006)
741
742 03 May 2006; John Mylchreest <johnm@gentoo.org>
743 +hardened-sources-2.6.16-r6.ebuild:
744 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
745
746 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
747 hardened-sources-2.6.14-r8.ebuild:
748 fix x86_64 build problem, this will delay the digest issue again for a short
749 while but it will sort itself out
750
751 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
752 hardened-sources-2.6.14-r8.ebuild:
753 bump hardened patchset
754
755 27 Apr 2006; Alec Warner <antarus@gentoo.org>
756 files/digest-hardened-sources-2.4.32-r2,
757 files/digest-hardened-sources-2.4.32-r3,
758 files/digest-hardened-sources-2.6.14-r8, Manifest:
759 Fixing duff SHA256 digests: Bug # 131293
760
761 *hardened-sources-2.6.16-r5 (27 Apr 2006)
762
763 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
764 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
765 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
766 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
767 cleanup of old uneccessary sources
768
769 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
770 fix digest
771
772 *hardened-sources-2.6.14-r8 (20 Apr 2006)
773
774 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
775 +hardened-sources-2.6.14-r8.ebuild:
776 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
777
778 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
779 Turning on gpg-signing again, and recomitting
780
781 *hardened-sources-2.6.16-r4 (20 Apr 2006)
782
783 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
784 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
785 +hardened-sources-2.6.16-r4.ebuild:
786 Fix numerous security vulns
787
788 *hardened-sources-2.4.32-r3 (16 Apr 2006)
789
790 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
791 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
792 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
793 - security bump for bug #112791. Removed old ebuilds
794
795 *hardened-sources-2.6.16-r3 (15 Apr 2006)
796
797 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
798 +hardened-sources-2.6.16-r3.ebuild:
799 Removing silly localversion which I missed
800
801 *hardened-sources-2.6.14-r7 (14 Apr 2006)
802
803 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
804 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
805 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
806
807 *hardened-sources-2.6.16-r2 (13 Apr 2006)
808
809 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
810 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
811 +hardened-sources-2.6.16-r2.ebuild:
812 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
813 labels, dropping USERGROUP define fixes, since these were merged mainstream.
814
815 *hardened-sources-2.6.16-r1 (11 Apr 2006)
816
817 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
818 +hardened-sources-2.6.16-r1.ebuild:
819 Bumping to include ppc build fix and 2.6.16.3
820
821 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
822 hardened-sources-2.6.14-r6.ebuild:
823 Stable on x86; bug #127718
824
825 *hardened-sources-2.6.16 (31 Mar 2006)
826
827 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
828 +hardened-sources-2.6.16.ebuild:
829 Bumping to new version of grsec, and kernel base. New squashfs. Based on
830 2.6.16.1
831
832 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
833 hardened-sources-2.6.14-r6.ebuild:
834 Stable on amd64, bug 127718.
835
836 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
837 Stable on ppc. Bug #127718
838
839 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
840 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
841 -hardened-sources-2.6.14-r4.ebuild:
842 Cleanup.
843
844 *hardened-sources-2.6.14-r6 (15 Mar 2006)
845
846 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
847 +hardened-sources-2.6.14-r6.ebuild:
848 Fixes grsec policy recreation bug and adds a
849 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
850
851 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
852 - stable on x86
853
854 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
855 hardened-sources-2.6.14-r5.ebuild:
856 Stable on ppc.
857
858 *hardened-sources-2.6.14-r5 (01 Feb 2006)
859
860 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
861 +hardened-sources-2.6.14-r5.ebuild:
862 fixing every known exploit
863
864 *hardened-sources-2.4.32-r2 (26 Jan 2006)
865
866 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
867 +hardened-sources-2.4.32-r2.ebuild:
868 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
869
870 *hardened-sources-2.6.14-r4 (12 Jan 2006)
871
872 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
873 - version bump for new genpatches which fix up a few sec holes
874
875 *hardened-sources-2.4.32-r1 (05 Jan 2006)
876
877 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
878 - revision bump to add misc vital linux kernel security patches.
879
880 *hardened-sources-2.6.14-r3 (30 Dec 2005)
881
882 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
883 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
884 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
885
886 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
887 hardened-sources-2.6.14-r2.ebuild:
888 making x86 & amd64 stable following testing.
889
890 *hardened-sources-2.6.14-r2 (27 Dec 2005)
891
892 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
893 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
894 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
895 network hooks.
896
897 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
898 hardened-sources-2.6.14-r1.ebuild:
899 bumping to stable early for sec fix on x86 & amd64
900
901 *hardened-sources-2.6.14-r1 (05 Dec 2005)
902
903 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
904 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
905 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
906
907 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
908 - stable on x86 security bug #114227 CAN-2005-3257
909
910 *hardened-sources-2.4.32 (19 Nov 2005)
911
912 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
913 +hardened-sources-2.4.32.ebuild:
914 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
915 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
916 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
917 rsbac >> /etc/portage/package.use)
918
919 *hardened-sources-2.6.14 (14 Nov 2005)
920
921 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
922 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
923 Bumping 2.6 series to 2.6.14.2
924
925 *hardened-sources-2.6.13-r2 (20 Oct 2005)
926
927 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
928 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
929 +hardened-sources-2.6.13-r2.ebuild:
930 Fixes minor build error in ppc.
931
932 *hardened-sources-2.6.13-r1 (17 Oct 2005)
933
934 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
935 +hardened-sources-2.6.13-r1.ebuild:
936 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
937 2.6.13.4, fixes some major amd64 stability problems.
938
939 *hardened-sources-2.6.13 (16 Sep 2005)
940
941 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
942 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
943 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
944 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
945 users should test this thoroughly.
946
947 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
948 - stable on x86
949
950 *hardened-sources-2.6.11-r15 (27 Jun 2005)
951
952 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
953 +hardened-sources-2.6.11-r15.ebuild:
954 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
955 grsec redefining curr_ip struct.
956
957 *hardened-sources-2.4.31 (20 Jun 2005)
958
959 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
960 initial import of 2.4.31 tree
961
962 *hardened-sources-2.6.11-r14 (14 Jun 2005)
963
964 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
965 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
966 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
967 naming scheme to abide by genpatches
968
969 *hardened-sources-2.6.11-r13 (18 May 2005)
970
971 18 May 2005; John Mylchreest <johnm@gentoo.org>
972 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
973 Managed to mangle the Makefile patch from grsec, to miss out the grsec
974 target. sorry about that. Fixes bug #93022
975
976 *hardened-sources-2.6.11-r12 (17 May 2005)
977
978 17 May 2005; John Mylchreest <johnm@gentoo.org>
979 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
980 +hardened-sources-2.6.11-r12.ebuild:
981 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
982 merges in genpatches-base
983
984 *hardened-sources-2.6.11-r12 (17 May 2005)
985
986 17 May 2005; John Mylchreest <johnm@gentoo.org>
987 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
988 +hardened-sources-2.6.11-r12.ebuild:
989 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
990 merges in genpatches-base
991
992 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
993 -files/2.4.27-cmdline-race.patch,
994 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
995 -files/2.4.28-grsec-binfmt_a.out.patch,
996 -files/2.4.28-grsec-cmdline-race.patch,
997 -files/2.4.28-selinux-binfmt_a.out.patch,
998 -files/2.4.28-selinux-cmdline-race.patch,
999 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1000 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1001 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1002 cleanup..
1003
1004 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1005
1006 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1007 - disable aout by default
1008
1009 *hardened-sources-2.4.30 (18 Apr 2005)
1010
1011 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1012 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1013 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1014 use
1015
1016 *hardened-sources-2.4.29 (30 Mar 2005)
1017
1018 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1019 +hardened-sources-2.4.29.ebuild:
1020 New hardened-patches-2.4-29.0 patchball.
1021 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1022
1023 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1024
1025 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1026 +hardened-sources-2.4.28-r5.ebuild:
1027 Added a fix for a PaX vulnerability.
1028
1029 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1030 hardened-sources-2.4.28-r4.ebuild:
1031 Stable on x86
1032
1033 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1034 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1035 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1036 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1037 - fixed/added RDEPEND= in all kernel-2 ebuilds
1038
1039 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1040
1041 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1042 +hardened-sources-2.4.28-r4.ebuild:
1043 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1044 backport of neighbour hash updates.
1045
1046 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1047 hardened-sources-2.4.28-r3.ebuild:
1048 Stable on x86
1049
1050 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1051
1052 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1053 +hardened-sources-2.6.10-r3.ebuild:
1054 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1055 in 2005.0
1056
1057 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1058 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1059 hardened-sources-2.4.28-r2.ebuild:
1060 Mark stable on x86
1061
1062 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1063
1064 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1065 +hardened-sources-2.4.28-r3.ebuild:
1066 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1067
1068 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1069 hardened-sources-2.4.28.ebuild:
1070 Mark stable on x86.
1071
1072 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1073
1074 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1075 +hardened-sources-2.4.28-r2.ebuild:
1076 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1077 Mazinger for grsecurity patches as well.
1078
1079 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1080
1081 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1082 Security bump. Thank tocharian for rolling a new patchset...
1083
1084 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1085 +files/2.4.28-grsec-cmdline-race.patch,
1086 +files/2.4.28-selinux-binfmt_a.out.patch,
1087 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1088 - Round up remaining security patches that appear to be missing in 2.4.28. -
1089 PaX standalone updated to current. hgpv=28.1
1090
1091 *hardened-sources-2.4.28 (28 Nov 2004)
1092
1093 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1094 security bump. Thank tocharian for rolling a new patchset
1095
1096 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1097
1098 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1099 +hardened-sources-2.4.27-r3.ebuild:
1100 Applies the new 2.4-27.2 patchball which updates
1101 GRSecurity to the 2.0.1 version.
1102
1103 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1104
1105 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1106 +hardened-sources-2.4.27-r2.ebuild:
1107 Version bump.
1108 This version uses the new 2.4-27.1 patchball which updates
1109 both the SELinux PaX hooks patch and the SELinux headers.
1110
1111 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1112
1113 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1114 +hardened-sources-2.4.27-r1.ebuild,
1115 -hardened-sources-2.4.27.ebuild,
1116 +files/2.4.27-cmdline-race.patch:
1117 Version bump, fix for cmdline race. See bug #59905.
1118
1119 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1120
1121 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1122 +hardened-sources-2.4.26-r6.ebuild,
1123 -hardened-sources-2.4.26-r5.ebuild,
1124 -hardened-sources-2.4.26-r4.ebuild,
1125 +files/2.4.26-cmdline-race.patch:
1126 Version bump, fix for cmdline race. See bug #59905.
1127
1128 *hardened-sources-2.4.27 (08 Aug 2004)
1129
1130 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1131 +hardened-sources-2.4.27.ebuild,
1132 +files/2.4.27-CAN-2004-0394.patch:
1133 Ported the patchball to the 2.4.27 kernel version.
1134
1135 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1136
1137 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1138 +hardened-sources-2.4.26-r5.ebuild:
1139 Updated to use the new hardened-patches-2.4-26.1 patchball.
1140 It adds the following features:
1141 - Squashfs
1142 - Ebtables
1143 - Netdev random (core+drivers)
1144 - Watchdog Timer (WDT) fix.
1145
1146 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1147
1148 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1149 +hardened-sources-2.4.26-r4.ebuild,
1150 +files/2.4.26-CAN-2004-0415.patch,
1151 -hardened-sources-2.4.26-3:
1152 Version bump, fix for CAN 0415, see bug #59378.
1153
1154 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1155
1156 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1157 +hardened-sources-2.4.26-r3.ebuild,
1158 +files/2.4.26-CAN-2004-0497.patch,
1159 -hardened-sources-2.4.26-r2.ebuild:
1160 Version bump, fixed CAN 0497, see bug #56171.
1161
1162 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1163
1164 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1165 +hardened-sources-2.4.26-r2.ebuild,
1166 +files/2.4.26-CAN-2004-0495.patch,
1167 +files/2.4.26-CAN-2004-0535.patch,
1168 -hardened-sources-2.4.26-r1.ebuild:
1169 Fixes for both CAN 0495 and 0535, see bug #54976
1170
1171 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1172 hardened-sources-2.4.26-r1.ebuild:
1173 QA - fix use invocation
1174
1175 *hardened-sources-2.4.26-r1 (22 June 2004)
1176
1177 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1178 +hardened-sources-2.4.26-r1.ebuild,
1179 +files/2.4.26-CAN-2004-0394.patch,
1180 +files/2.4.26-signal-race.patch,
1181 -hardened-sources-2.4.26.ebuild,
1182 -hardened-sources-2.4.24-r3.ebuild:
1183 Version bump for the CAN-2004-0394 issue and bug #53804
1184 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1185
1186
1187 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1188 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1189 Masked hardened-sources-2.4.26.ebuild broken for ppc
1190
1191 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1192 hardened-sources-2.4.24-r3.ebuild:
1193 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1194
1195 *hardened-sources-2.4.26 (29 May 2004)
1196
1197 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1198 +hardened-sources-2.4.26.ebuild:
1199 Updated hardened-sources for the 2.4.26 kernel
1200 Removed broken components, updated almost everything.
1201
1202 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1203
1204 17 Apr 2004; <plasmaroo@gentoo.org>
1205 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1206 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1207 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1208 +hardened-sources-2.4.24-r3.ebuild:
1209 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1210 vulnerabilities. Old revisions removed.
1211
1212 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1213
1214 15 Apr 2004; <plasmaroo@gentoo.org>
1215 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1216 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1217 Version bump for the CAN-2004-0109 issue; bug #47881.
1218
1219 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1220 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1221 Add eutils to inherit.
1222
1223 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1224
1225 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1226 files/hardened-sources-2.4.24.munmap.patch:
1227 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1228
1229 *hardened-sources-2.4.24 (06 Feb 2004)
1230
1231 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1232 hardened-sources-2.4.24.ebuild:
1233 Version bump, updated most of the components.
1234 This release includes the following:
1235
1236 - Hardened security
1237 - Netfilter patch-o-matic 20031219
1238 - FreeSWAN 2.04 & x509 1.4.8
1239 - EVMS 2.2.2
1240 - XFS 1.3.1
1241 - cryptoloop jari
1242 - grsecurity 2.0-rc4
1243 - SELinux
1244 - PaX 200402060000
1245 - PaX Obscurity 200308302223
1246 - Others...
1247
1248 Neither -ck nor systrace are included anymore.
1249
1250 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1251
1252 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1253 hardened-sources-2.4.22-r2.ebuild:
1254 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1255
1256 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1257
1258 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1259 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1260
1261 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1262 hardened-sources-2.4.22-r1.ebuild:
1263 Version bump for the 'do_brk' vulnerability.
1264
1265 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1266 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1267 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1268 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1269 Fix the 'do_brk' vulnerability.
1270
1271 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1272 hardened-sources-2.4.22.ebuild:
1273 - Removed the src_install() portion for SELinux flask
1274 components. These are no longer handled in the kernel
1275 so this code was not necessary.
1276
1277 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1278 New 2.4.22 based hardened-sources thanks to
1279 Phil West <p.west@computer.org>.
1280
1281 These sources include:
1282 - New SELinux API
1283 - Updated CK-base
1284 - Updated GRSec
1285 - Systrace
1286 - SuperFreeS/WAN 1.99.8
1287 - Propolice kernel build support
1288 - EVMS
1289 - Other various security related patches
1290
1291 *hardened-sources-2.4.21 (14 Sep 2003)
1292
1293 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1294 Updated hardened-sources based on the 2.4.21 Linux kernel.
1295 This includes updates to most major components such as:
1296 - ck-base-0306300059
1297 - selinux-2.4-2003071106
1298 - grsecurity-2.0-rc1
1299 - Updated IPTables patch-o-matic
1300 - Updated SuperFreeS/WAN
1301
1302 Thanks to Phil West <pwest@computer.org> for his work in getting this
1303 updated patch set ready for the 2.4.21 based kernel.
1304
1305 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1306 Initial import of hardened-sources-2.4.20-r4. This revision
1307 includes only a few changes, but one of these is an important
1308 security fix. It is recommended all users of hardened-sources
1309 upgrade to this release.
1310
1311 - ioperm bug fix
1312 - fixed compilation failure when building without GRSec
1313
1314 SAL (Secure Auditing for Linux) is NOT included in this revision
1315 due to time constraints, but is planned for inclusion in the near
1316 future.
1317
1318 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1319
1320 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1321 hardened-sources-2.4.20-r3.ebuild:
1322 Add Header...
1323
1324 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1325 hardened-sources-2.4.20-r3.ebuild:
1326 Removed warnings from ebuild. This kernel should be safe to
1327 use at this point.
1328
1329 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1330
1331 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1332 hardened-sources-2.4.20-r3.ebuild:
1333 New revision. Includes the following changes over -r2:
1334
1335 - ck7-base (O(1), preempt, low latency)
1336 - Super FreeS/WAN 1.99.7rc2
1337 - PaX for the LSM/SELinux branch
1338 - GRSecurity 2.0-pre4 (role based access control)
1339 - Systrace 1.3
1340 - EXT3 fixes
1341 - EVMS 2.0.1
1342 - GCC 3.1+ compile optimizations
1343 - ProPolice kernel build support
1344 - Hashing table security fixes
1345
1346 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1347
1348 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1349 Initial import of hardened-sources-r2. This new
1350 ebuild includes many new performance and security
1351 related patches. As in -r1, it will patch in
1352 LSM/SELinux if "selinux" is in USE, otherwise it
1353 will patch in GRSecurity. The following patches
1354 are included in this revision:
1355
1356 - O(1) Scheduler, Low Latency, and Preempt
1357 (pulled from the base CK patch)
1358 - ptrace exploit patch for the LSM kernel
1359 (the GRSec patch already fixes this)
1360 - LSM 2.4-2003040709
1361 - SELinux 2.4-2003040709
1362 - Systrace v1.2
1363 - IPTables patch-o-matic base patches - 20030107
1364 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1365 - Super FreeS/WAN 1.99.6.1
1366 - GRSecurity 1.9.9g
1367 - MPPE
1368 - EXT3 data journal fix
1369 - CIPE 1.5.4
1370
1371 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1372 hardened-sources-2.4.20-r1.ebuild, manifest:
1373 Updated to install flask components correctly for selinux.
1374
1375 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1376 hardened-sources-2.4.20-r1.ebuild:
1377 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1378 is patched in instead. Ptrace patches for selinux have also been added. In
1379 either case, systrace support will be patched in as well.
1380
1381 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1382 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1383 Revision bump for new sources.
1384
1385 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1386 hardened-sources-2.4.20-r1.ebuild:
1387 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1388
1389 *hardened-sources-2.4.20 (30 Mar 2003)
1390
1391 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1392 hardened-sources-2.4.20.ebuild:
1393 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20