/[gentoo-x86]/sys-kernel/hardened-sources/ChangeLog
Gentoo

Contents of /sys-kernel/hardened-sources/ChangeLog

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.233 - (show annotations) (download)
Mon Aug 18 01:39:02 2008 UTC (6 years, 9 months ago) by solar
Branch: MAIN
Changes since 1.232: +10 -1 lines
- proxy commit for gengor
2.6.26: Initial 2.6.26 release.
2.6.25-r4: Update to Linux 2.6.25.15.  Fixes security bugs #234799, #234803 and #234812.
2.6.25-r2: Removed.
(Portage version: 2.1.4.4)

1 # ChangeLog for sys-kernel/hardened-sources
2 # Copyright 2000-2008 Gentoo Foundation; Distributed under the GPL v2
3 # $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-sources/ChangeLog,v 1.232 2008/08/16 17:47:32 tove Exp $
4
5 *hardened-sources-2.6.26 (18 Aug 2008)
6 *hardened-sources-2.6.25-r4 (18 Aug 2008)
7
8 18 Aug 2008; <solar@gentoo.org> -hardened-sources-2.6.25-r2.ebuild,
9 +hardened-sources-2.6.25-r4.ebuild, +hardened-sources-2.6.26.ebuild:
10 - proxy commit for gengor 2.6.26: Initial 2.6.26 release. 2.6.25-r4: Update
11 to Linux 2.6.25.15. Fixes security bugs #234799, #234803 and #234812.
12 2.6.25-r2: Removed.
13
14 16 Aug 2008; Torsten Veller <tove@gentoo.org> metadata.xml:
15 Remove phreak from metadata.xml (#96398)
16
17 *hardened-sources-2.6.25-r3 (31 Jul 2008)
18
19 31 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.24-r2.ebuild,
20 -hardened-sources-2.6.25.ebuild, -hardened-sources-2.6.25-r1.ebuild,
21 +hardened-sources-2.6.25-r3.ebuild:
22 - 2.6.25-r3: Update to Linux 2.6.25.13 and new grsecurity patch. Multiple
23 fixes, including security bug #231750.
24
25 28 Jul 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.24-r3.ebuild:
26 Stable on ppc
27
28 *hardened-sources-2.6.25-r2 (05 Jul 2008)
29
30 05 Jul 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r11.ebuild,
31 -hardened-sources-2.6.23-r12.ebuild, hardened-sources-2.6.24-r3.ebuild,
32 +hardened-sources-2.6.25-r2.ebuild:
33 2.6.23-r4: Stable x86/amd64
34 2.6.25-r2: Update to Linux 2.6.25.10 and latest grsecurity release.
35 2.6.23-r{11,12}: Removed due to multiple vulns.
36 (gengor & kerframil)
37
38 04 Jul 2008; nixnut <nixnut@gentoo.org>
39 hardened-sources-2.6.23-r13.ebuild:
40 Stable on ppc
41
42 *hardened-sources-2.6.25-r1 (30 Jun 2008)
43
44 30 Jun 2008; <solar@gentoo.org> hardened-sources-2.6.23-r13.ebuild,
45 +hardened-sources-2.6.25-r1.ebuild:
46 2.6.25-r1: Brings in Linux -stable tree patches 2.6.25.{7,8,9} and newer
47 grsecurity release. 2.6.23-r13: x86/amd64 stable
48
49 *hardened-sources-2.6.25 (17 Jun 2008)
50 *hardened-sources-2.6.24-r3 (17 Jun 2008)
51 *hardened-sources-2.6.23-r13 (17 Jun 2008)
52
53 17 Jun 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r13.ebuild,
54 +hardened-sources-2.6.24-r3.ebuild, +hardened-sources-2.6.25.ebuild:
55 * 2.6.23-r13: Fixes security bugs #198997, #212136, #222331, #222635,
56 #224647, #225461, other fixes. * 2.6.24-r3: Fixes security bugs #212136,
57 #222331, #222635, #224647, #225461, grsec/PaX updates/fixes, other fixes. *
58 2.6.25: Initial 2.6.25 release.
59
60 15 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r12.ebuild:
61 - fasttrack to stable x86/amd64
62
63 11 May 2008; Sven Wegener <swegener@gentoo.org> Manifest:
64 Fix broken digest for linux-2.6.24.tar.bz2.
65
66 *hardened-sources-2.6.24-r2 (11 May 2008)
67 *hardened-sources-2.6.23-r12 (11 May 2008)
68
69 11 May 2008; <solar@gentoo.org> -hardened-sources-2.6.23-r7.ebuild,
70 -hardened-sources-2.6.23-r9.ebuild, -hardened-sources-2.6.23-r10.ebuild,
71 +hardened-sources-2.6.23-r12.ebuild, -hardened-sources-2.6.24.ebuild,
72 -hardened-sources-2.6.24-r1.ebuild, +hardened-sources-2.6.24-r2.ebuild:
73 proxy commit for gengor. 2.6.23-r11 shortlog: Fixes security bugs 220691,
74 220975, 220979, 221123. 2.6.24-r2 not-so-shortlog: Fixes bug 215442,
75 security bugs 219901, 220691, 220975, 220979, 221123. New
76 genpatches/grsecurity with numerous updates & fixes. 2.6.23-r7->2.6.23-r10
77 should be removed as far as I'm concerned, everything else remove due to
78 vulnerable to numerous security bugs or brokeness.
79
80 10 May 2008; nixnut <nixnut@gentoo.org>
81 hardened-sources-2.6.23-r11.ebuild:
82 Stable on ppc
83
84 05 May 2008; <solar@gentoo.org> hardened-sources-2.6.23-r11.ebuild:
85 - -r11 stable on x86/amd64
86
87 *hardened-sources-2.6.23-r11 (01 May 2008)
88
89 01 May 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r11.ebuild:
90 - version bump to fix ulgy linux bugs
91
92 *hardened-sources-2.6.24-r1 (30 Apr 2008)
93
94 30 Apr 2008; Christian Heim <phreak@gentoo.org>
95 +hardened-sources-2.6.24-r1.ebuild:
96 Revision bump (thanks to Kerin and Gordon, again), pulling
97 genpatches-2.6.24-7, solving #219089. Additionally contains further security
98 fixes plus some minor updates.
99
100 *hardened-sources-2.6.23-r10 (30 Apr 2008)
101
102 30 Apr 2008; Christian Heim <phreak@gentoo.org>
103 +hardened-sources-2.6.23-r10.ebuild:
104 Revision bump (thanks to Kerin and Gordon, again), solving #213811, #219089.
105 Additional contains "various other fixes".
106
107 09 Apr 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
108 Update the longdescription in metadata, thanks to Gordon Malm.
109
110 08 Apr 2008; nixnut <nixnut@gentoo.org> hardened-sources-2.6.23-r9.ebuild:
111 Stable on ppc wrt bug #213255
112
113 07 Apr 2008; <solar@gentoo.org> -hardened-sources-2.4.35-r2.ebuild,
114 -hardened-sources-2.6.23-r8.ebuild, hardened-sources-2.6.23-r9.ebuild:
115 - stable on x86/amd64 per request. Removed obsolete ebuilds
116
117 *hardened-sources-2.6.24 (07 Apr 2008)
118
119 07 Apr 2008; Christian Heim <phreak@gentoo.org>
120 +hardened-sources-2.6.24.ebuild:
121 Adding ebuild for hardened-sources-2.6.24 (many thanks to Kerin Millar
122 <kerframil at gmail.com> and Gordon Malm <bugs-gentoo-org-02 at bumpin.org>
123 for the many contributions and their continued effort in #216612) based on
124 2.6.24 and genpatches-2.6.24-5.
125
126 The current ebuild/patchset contains these things:
127 * Incoporates unmodified grsec-2.1.11-2.6.24.4-200803262003 patch
128 * Introduces bespoke server and workstation oriented security levels
129 * VDSO_COMPAT cannot be enabled during runtime if PaX is enabled
130
131 30 Mar 2008; Christian Heim <phreak@gentoo.org> metadata.xml:
132 Fix the metadata.xml (Kerin isn't a dev, though he and Gordon are
133 maintaining it).
134
135 24 Mar 2008; Christian Heim <phreak@gentoo.org>
136 hardened-sources-2.4.35-r2.ebuild:
137 Fixing SRC_URI for 2.4.35-r2.
138
139 *hardened-sources-2.6.23-r9 (22 Mar 2008)
140
141 22 Mar 2008; Christian Heim <phreak@gentoo.org>
142 +hardened-sources-2.6.23-r9.ebuild:
143 * Revision bump, rebasing the patchset against genpatches-2.6.23-10.
144 * Change the default GIDs for some grsecurity options
145 * Revamp the Hardened [Gentoo] security level and make it the default level
146 * Fixing compilation on ia64 with CONFIG_MODULES=y (loadable module support)
147 * Fix a recursive lock -- call to capable() within ptrace_attach()
148 * Fix bug that allows audit and iscsi operations to be controlled via netlink
149
150 *hardened-sources-2.6.23-r8 (27 Feb 2008)
151
152 27 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r8.ebuild:
153 - version bump from Kerin Millar bug 210026
154
155 17 Feb 2008; <solar@gentoo.org> metadata.xml,
156 -hardened-sources-2.4.33.4.ebuild, -hardened-sources-2.6.20-r6.ebuild,
157 -hardened-sources-2.6.20-r10.ebuild, -hardened-sources-2.6.23-r4.ebuild,
158 -hardened-sources-2.6.23-r6.ebuild, hardened-sources-2.6.23-r7.ebuild:
159 - stable on x86 and remove old ebuilds
160
161 15 Feb 2008; <solar@gentoo.org> hardened-sources-2.6.23-r7.ebuild:
162 - stable on amd64 per request of amd64 lead
163
164 *hardened-sources-2.6.23-r7 (11 Feb 2008)
165
166 11 Feb 2008; <solar@gentoo.org> +hardened-sources-2.6.23-r7.ebuild:
167 - version bump from kerin.millar
168 Changes:
169
170 * Bump to genpatches-base-2.6.23-9
171 * Ported grsecurity-2.1.11-2.6.23.14-200801231800 to 2.6.23.15
172 * Disables COMPAT_VDSO in x86/defconfig
173 * Removes bogus symbols ACPI_SLEEP_PROC_(FS|SLEEP) from x86_64/defconfig
174
175 25 Jan 2008; Christian Heim <phreak@gentoo.org>
176 -hardened-sources-2.6.22-r8.ebuild:
177 Cleaning up old versions.
178
179 *hardened-sources-2.6.23-r6 (25 Jan 2008)
180
181 25 Jan 2008; Christian Heim <phreak@gentoo.org>
182 -hardened-sources-2.6.23-r5.ebuild, +hardened-sources-2.6.23-r6.ebuild:
183 Revision bump, pulling in the latest genpatches.
184
185 *hardened-sources-2.6.23-r5 (24 Dec 2007)
186
187 24 Dec 2007; Christian Heim <phreak@gentoo.org>
188 hardened-sources-2.4.35-r2.ebuild, hardened-sources-2.6.20-r6.ebuild,
189 hardened-sources-2.6.20-r10.ebuild, hardened-sources-2.6.22-r8.ebuild,
190 hardened-sources-2.6.23-r4.ebuild, +hardened-sources-2.6.23-r5.ebuild:
191 Revision bump, for the promised updated grsec snapshot. Also changing SRC_URI.
192
193 24 Dec 2007; Christian Heim <phreak@gentoo.org>
194 -hardened-sources-2.6.22-r7.ebuild, -hardened-sources-2.6.23.ebuild,
195 -hardened-sources-2.6.23-r1.ebuild, -hardened-sources-2.6.23-r2.ebuild,
196 -hardened-sources-2.6.23-r3.ebuild:
197 Cleaning out some unused, old versions.
198
199 24 Dec 2007; Christian Heim <phreak@gentoo.org>
200 hardened-sources-2.6.23-r4.ebuild:
201 Marking hardened-sources-2.6.23-r4 stable on amd64 and x86. I know it ain't
202 in the tree for long, but there isn't much of a difference between this and
203 -r3. Only this revision pulls in 2.6.23.11 and 2.6.23.12 from genpatches.
204
205 *hardened-sources-2.6.23-r4 (23 Dec 2007)
206
207 23 Dec 2007; Christian Heim <phreak@gentoo.org>
208 +hardened-sources-2.6.23-r4.ebuild:
209 Revision bump, grabbing the lastest genpatches release (2.6.23.12 that is).
210
211 *hardened-sources-2.6.23-r3 (04 Dec 2007)
212
213 04 Dec 2007; Christian Heim <phreak@gentoo.org>
214 +hardened-sources-2.6.23-r3.ebuild:
215 Revision bump, pulling in 2.6.23.9.
216
217 *hardened-sources-2.6.23-r2 (25 Nov 2007)
218
219 25 Nov 2007; Christian Heim <phreak@gentoo.org>
220 +hardened-sources-2.6.23-r2.ebuild:
221 Updated patchset, thanks to solar.
222
223 *hardened-sources-2.6.23-r1 (31 Oct 2007)
224
225 31 Oct 2007; Christian Heim <phreak@gentoo.org>
226 +hardened-sources-2.6.23-r1.ebuild:
227 Revision bump, pulling in the snapshot from 30. October 2007 (18:50).
228
229 29 Oct 2007; <solar@gentoo.org> metadata.xml:
230 - update metadata.xml
231
232 25 Oct 2007; Christian Heim <phreak@gentoo.org>
233 hardened-sources-2.6.22-r8.ebuild:
234 Marking 2.6.22-r8 stable on amd64 and x86.
235
236 21 Oct 2007; Christian Heim <phreak@gentoo.org>
237 -hardened-sources-2.4.35.ebuild, -hardened-sources-2.4.35-r1.ebuild,
238 -hardened-sources-2.6.21-r4.ebuild:
239 Removing old ebuilds.
240
241 *hardened-sources-2.4.35-r2 (21 Oct 2007)
242
243 21 Oct 2007; Christian Heim <phreak@gentoo.org>
244 +hardened-sources-2.4.35-r2.ebuild:
245 Revision bump for 2.4.35. Includes new snapshot and the lastest Linux stable
246 patches.
247
248 *hardened-sources-2.6.22-r8 (21 Oct 2007)
249
250 21 Oct 2007; Christian Heim <phreak@gentoo.org>
251 +hardened-sources-2.6.22-r8.ebuild:
252 Yet another new patch, hopefully fixing the remaining issues we had w/
253 2.6.22. Candidate for stabling.
254
255 *hardened-sources-2.6.23 (13 Oct 2007)
256
257 13 Oct 2007; Christian Heim <phreak@gentoo.org>
258 +hardened-sources-2.6.23.ebuild:
259 Initial hardened-sources-2.6.23. If people still have problems w/ bug
260 194276, try setting CONFIG_PCI_GODIRECT=y instead of CONFIG_PCI_GOANY.
261
262 11 Oct 2007; Christian Heim <phreak@gentoo.org>
263 hardened-sources-2.6.20-r10.ebuild:
264 Pulling in yet another new genpatches version, fixing the PWC bug for real.
265
266 04 Oct 2007; Christian Heim <phreak@gentoo.org>
267 -hardened-sources-2.6.22-r5.ebuild, -hardened-sources-2.6.22-r6.ebuild:
268 Removing old versions.
269
270 *hardened-sources-2.6.22-r7 (01 Oct 2007)
271
272 01 Oct 2007; Christian Heim <phreak@gentoo.org>
273 +hardened-sources-2.6.22-r7.ebuild:
274 Revision bump, pulling in a newer patch. Should fix #194276.
275
276 30 Sep 2007; Christian Heim <phreak@gentoo.org>
277 hardened-sources-2.6.20-r10.ebuild:
278 Marking hardened-sources-2.6.20-r10 stable on x86 and amd64 (on courtesy of
279 Mike Doty).
280
281 *hardened-sources-2.6.22-r6 (26 Sep 2007)
282
283 26 Sep 2007; Christian Heim <phreak@gentoo.org>
284 +hardened-sources-2.6.22-r6.ebuild:
285 Revision bump, grabbing up till Linux 2.6.22.9.
286
287 24 Sep 2007; Christian Heim <phreak@gentoo.org>
288 -hardened-sources-2.6.22-r3.ebuild, -hardened-sources-2.6.22-r4.ebuild:
289 Cleaning up further.
290
291 *hardened-sources-2.6.20-r10 (24 Sep 2007)
292
293 24 Sep 2007; Christian Heim <phreak@gentoo.org>
294 -hardened-sources-2.6.20-r8.ebuild, -hardened-sources-2.6.20-r9.ebuild,
295 +hardened-sources-2.6.20-r10.ebuild:
296 Revision bump, pulling in Linux 2.6.20.20. Removing some of the older
297 revisions.
298
299 *hardened-sources-2.6.22-r5 (22 Sep 2007)
300
301 22 Sep 2007; Christian Heim <phreak@gentoo.org>
302 +hardened-sources-2.6.22-r5.ebuild:
303 Revision bump, pulling in genpatches-2.6.22-8 for CVE-2007-4573.
304
305 17 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
306 Removing johnm from metadata.xml (see #186467 for reference).
307
308 *hardened-sources-2.6.22-r4 (17 Sep 2007)
309
310 17 Sep 2007; Christian Heim <phreak@gentoo.org>
311 +hardened-sources-2.6.22-r4.ebuild:
312 Revision bump, hopefully fixing all those weird PAX failures.
313
314 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
315 Updating the metadata.xml.
316
317 01 Sep 2007; Christian Heim <phreak@gentoo.org> metadata.xml:
318 Removing tocharian from metadata due to his retirement (see #71718 for
319 reference).
320
321 *hardened-sources-2.6.20-r9 (30 Aug 2007)
322
323 30 Aug 2007; Christian Heim <phreak@gentoo.org>
324 +hardened-sources-2.6.20-r9.ebuild:
325 Revision bump for 2.6.20.18 (thanks to kerframil in #gentoo-hardened).
326
327 29 Aug 2007; Christian Heim <phreak@gentoo.org>
328 -hardened-sources-2.4.34.ebuild, -hardened-sources-2.4.34.5.ebuild,
329 -hardened-sources-2.6.20-r2.ebuild, -hardened-sources-2.6.20-r5.ebuild,
330 -hardened-sources-2.6.20-r7.ebuild, -hardened-sources-2.6.21-r3.ebuild,
331 -hardened-sources-2.6.22.ebuild, -hardened-sources-2.6.22-r1.ebuild,
332 -hardened-sources-2.6.22-r2.ebuild:
333 Removing some redundant versions.
334
335 *hardened-sources-2.4.35-r1 (29 Aug 2007)
336
337 29 Aug 2007; Christian Heim <phreak@gentoo.org>
338 +hardened-sources-2.4.35-r1.ebuild:
339 Revision bump, new grsecurity patch.
340
341 *hardened-sources-2.6.20-r8 (26 Aug 2007)
342
343 26 Aug 2007; Christian Heim <phreak@gentoo.org>
344 +hardened-sources-2.6.20-r8.ebuild:
345 Revision bump for Linux 2.6.20.17.
346
347 *hardened-sources-2.6.22-r3 (22 Aug 2007)
348
349 22 Aug 2007; Christian Heim <phreak@gentoo.org>
350 +hardened-sources-2.6.22-r3.ebuild:
351 Revision bump for Linux 2.6.22.4.
352
353 16 Aug 2007; Christian Heim <phreak@gentoo.org>
354 hardened-sources-2.6.22-r2.ebuild:
355 Updated patchset, to fix the alignment against 2.6.22.3.
356
357 *hardened-sources-2.6.22-r2 (16 Aug 2007)
358
359 16 Aug 2007; Christian Heim <phreak@gentoo.org>
360 +hardened-sources-2.6.22-r2.ebuild:
361 Revision bump for Linux 2.6.22.3.
362
363 *hardened-sources-2.4.35 (16 Aug 2007)
364
365 16 Aug 2007; Christian Heim <phreak@gentoo.org>
366 +hardened-sources-2.4.35.ebuild:
367 Version bump, initial version for Linux 2.4.35.
368
369 *hardened-sources-2.6.21-r4 (16 Aug 2007)
370
371 16 Aug 2007; Christian Heim <phreak@gentoo.org>
372 +hardened-sources-2.6.21-r4.ebuild:
373 Revision bump for Linux 2.6.21.6.
374
375 *hardened-sources-2.6.20-r7 (16 Aug 2007)
376
377 16 Aug 2007; Christian Heim <phreak@gentoo.org>
378 +hardened-sources-2.6.20-r7.ebuild:
379 Revision bump for Linux 2.6.20.16.
380
381 *hardened-sources-2.6.22-r1 (13 Aug 2007)
382
383 13 Aug 2007; Christian Heim <phreak@gentoo.org>
384 +hardened-sources-2.6.22-r1.ebuild:
385 Yet another revision bump.
386
387 *hardened-sources-2.6.22 (10 Aug 2007)
388
389 10 Aug 2007; Christian Heim <phreak@gentoo.org>
390 +hardened-sources-2.6.22.ebuild:
391 Initial release for 2.6.22. If you are using hardened-sources on a desktop
392 machine (P4 or newer), be aware you might need to disable
393 CONFIG_PAX_PAGEEXEC.
394
395 04 Aug 2007; Christian Heim <phreak@gentoo.org>
396 hardened-sources-2.6.20-r6.ebuild:
397 Stabling hardened-sources-2.6.20-r6 for amd64, ppc and x86 due to Linux
398 2.6.20.15.
399
400 10 Jul 2007; Christian Heim <phreak@gentoo.org>
401 hardened-sources-2.6.20-r5.ebuild:
402 Marking hardened-sources-2.6.20-r5 stable on ppc.
403
404 10 Jul 2007; Christian Heim <phreak@gentoo.org>
405 -hardened-sources-2.4.32-r6.ebuild, -hardened-sources-2.4.32-r7.ebuild:
406 Cleanup.
407
408 *hardened-sources-2.6.20-r6 (08 Jul 2007)
409
410 08 Jul 2007; Christian Heim <phreak@gentoo.org>
411 +hardened-sources-2.6.20-r6.ebuild:
412 Revision bump, grabbing yet another stable release.
413
414 17 Jun 2007; Christian Heim <phreak@gentoo.org>
415 -hardened-sources-2.6.18-r6.ebuild, -hardened-sources-2.6.20-r4.ebuild,
416 -hardened-sources-2.6.21-r2.ebuild:
417 Removing older ebuilds, hardened-sources-2.6.18-r6 seems to have gotten the
418 alpha stable KEYWORD by mistake.
419
420 17 Jun 2007; Christian Heim <phreak@gentoo.org>
421 hardened-sources-2.6.20-r5.ebuild:
422 Stabling hardened-sources-2.6.20-r5 due to security bug #181647 (as
423 genpatches-2.6.20-12.base contains up to Linux 2.6.20.14) on amd64 and x86.
424
425 *hardened-sources-2.6.21-r3 (12 Jun 2007)
426
427 12 Jun 2007; Christian Heim <phreak@gentoo.org>
428 +hardened-sources-2.6.21-r3.ebuild:
429 Revision bump for hardened-sources-2.6.21, incorporating various CVE (some
430 of them critical), two stable releases (2.6.21.4,2.6.21.5) and some other
431 love.
432
433 *hardened-sources-2.6.20-r5 (11 Jun 2007)
434
435 11 Jun 2007; Christian Heim <phreak@gentoo.org>
436 +hardened-sources-2.6.20-r5.ebuild:
437 Revision bump for hardened-sources-2.6.20, incorporating various CVE (some
438 of them critical), two stable releases (2.6.20.13,2.6.20.14) and some other
439 love.
440
441 *hardened-sources-2.4.34.5 (11 Jun 2007)
442
443 11 Jun 2007; Alexander Gabert <pappy@gentoo.org>
444 +hardened-sources-2.4.34.5.ebuild:
445 added new hardened-sources 2.4 version, thx to phreak, solar, pipacs
446
447 30 May 2007; Christian Heim <phreak@gentoo.org>
448 -hardened-sources-2.6.18.ebuild, hardened-sources-2.6.20-r2.ebuild:
449 Marking 2.6.20-r2 stable on ppc with permission of Gysbert. Removing more
450 stale ebuild(s).
451
452 30 May 2007; Christian Heim <phreak@gentoo.org>
453 -hardened-sources-2.6.14-r7.ebuild, -hardened-sources-2.6.16-r11.ebuild,
454 -hardened-sources-2.6.17-r1.ebuild, -hardened-sources-2.6.19-r6.ebuild,
455 -hardened-sources-2.6.20.ebuild, -hardened-sources-2.6.20-r1.ebuild:
456 Doing some cleanups, remove stale ebuilds.
457
458 26 May 2007; Christian Heim <phreak@gentoo.org>
459 hardened-sources-2.6.21-r2.ebuild:
460 Fixing the grsecurity patch, had one '};' too much.
461
462 *hardened-sources-2.6.21-r2 (26 May 2007)
463
464 26 May 2007; Christian Heim <phreak@gentoo.org>
465 -hardened-sources-2.6.21.ebuild, -hardened-sources-2.6.21-r1.ebuild,
466 +hardened-sources-2.6.21-r2.ebuild:
467 Revision bump, including Linux 2.6.21.3 (fixing CVE-2007-2451). Updating the
468 grsecurity patch to 2.1.10-2.6.21.1-200705221918.
469
470 *hardened-sources-2.6.20-r4 (26 May 2007)
471
472 26 May 2007; Christian Heim <phreak@gentoo.org>
473 -hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.20-r4.ebuild:
474 Revision bump, including Linux 2.6.20.12 (which in fact fixed some security
475 bugs, at the very least CVE-2007-2451). Possible candidate for stable marking.
476
477 15 May 2007; Christian Heim <phreak@gentoo.org>
478 hardened-sources-2.6.20-r3.ebuild:
479 Looks like hardened-sources-2.6.20-r3 needs a new patch, as 2.6.20.11
480 introduced a change in arch/sparc64/kernel/pci_iommu.c, which made the
481 grsecurity patch fail in that exact same hunk.
482
483 *hardened-sources-2.6.20-r3 (15 May 2007)
484
485 15 May 2007; Christian Heim <phreak@gentoo.org>
486 +hardened-sources-2.6.20-r3.ebuild, +hardened-sources-2.6.21-r1.ebuild:
487 Revision bump, incorporating Linux 2.6.20.11.
488
489 *hardened-sources-2.6.21-r1 (11 May 2007)
490
491 11 May 2007; Christian Heim <phreak@gentoo.org>
492 +hardened-sources-2.6.21-r1.ebuild:
493 Revision bump, hopefully fixing the GRSECURITY/GRKERNSEC mixup pipacs
494 mentioned in #177234.
495
496 07 May 2007; Kevin F. Quinn <kevquinn@gentoo.org>
497 files/digest-hardened-sources-2.6.21, Manifest:
498 Fix Manifest/digest for linux-2.6.21.tar.bz2
499
500 06 May 2007; Christian Heim <phreak@gentoo.org>
501 hardened-sources-2.6.21.ebuild:
502 Bumping the hardened-patches version, needed for the fix for #177234.
503
504 *hardened-sources-2.6.21 (02 May 2007)
505
506 02 May 2007; Christian Heim <phreak@gentoo.org>
507 +hardened-sources-2.6.21.ebuild:
508 Version bump, Linux 2.6.21-hardened.
509
510 29 Apr 2007; Christian Heim <phreak@gentoo.org>
511 hardened-sources-2.6.20-r2.ebuild:
512 Adding ~ia64 on Ned's request.
513
514 29 Apr 2007; Christian Heim <phreak@gentoo.org>
515 hardened-sources-2.6.20-r2.ebuild:
516 Fixing the included grsecurity patch, wasn't alligning due to the Index:
517 header line(s).
518
519 29 Apr 2007; Christian Heim <phreak@gentoo.org>
520 hardened-sources-2.6.20-r2.ebuild:
521 Stabilizing hardened-sources-2.6.20-r2 on amd64 and x86.
522
523 *hardened-sources-2.6.20-r2 (10 Apr 2007)
524
525 10 Apr 2007; Raúl Porcel <armin76@gentoo.org>
526 +hardened-sources-2.6.20-r2.ebuild:
527 Version bump, on behalf of phreak
528
529 *hardened-sources-2.6.20-r1 (04 Apr 2007)
530
531 04 Apr 2007; Christian Heim <phreak@gentoo.org>
532 +hardened-sources-2.6.20-r1.ebuild:
533 Revision bump, grabbing a newer grsecurity snapshot.
534
535 *hardened-sources-2.6.20 (25 Mar 2007)
536
537 25 Mar 2007; Christian Heim <phreak@gentoo.org>
538 +hardened-sources-2.6.20.ebuild:
539 Finally a hardened-sources version for 2.6.20; many people have been waiting
540 for this. Thanks to Steve for preliminary testing, thanks to Ned for the
541 testbox.
542
543 16 Mar 2007; Tony Vroon <chainsaw@gentoo.org>
544 hardened-sources-2.6.18-r6.ebuild:
545 Marked stable on amd64 and x86. AMD64 keyword ack'ed by welp.
546
547 *hardened-sources-2.6.18-r6 (16 Mar 2007)
548
549 16 Mar 2007; Christian Heim <phreak@gentoo.org>
550 -hardened-sources-2.6.18-r5.ebuild, +hardened-sources-2.6.18-r6.ebuild:
551 Fixing CVE-2007-1000 locally (hardened/), thanks to Tony for pushing. And
552 yes I screwed up, this is tagged as 2.6.18-5 and not 2.6.18-6 as it's
553 supposed to be.
554
555 06 Mar 2007; Christian Heim <phreak@gentoo.org> ChangeLog:
556 Fixing the Manifest, the previous one was broken (as in still had the
557 deleted ebuild in it).
558
559 06 Mar 2007; Christian Heim <phreak@gentoo.org>
560 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
561 +hardened-sources-2.6.18-r5.ebuild:
562 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
563 Linux 2.6.18.8. Also cleaning up the older version.
564
565 *hardened-sources-2.6.18-r5 (06 Mar 2007)
566
567 06 Mar 2007; Christian Heim <phreak@gentoo.org>
568 -hardened-sources-2.6.16-r10.ebuild, -hardened-sources-2.6.18-r4.ebuild,
569 +hardened-sources-2.6.18-r5.ebuild:
570 Bumping the ~arch'ed 2.6.18 version, pulling in genpatches-2.6.18-10 for
571 Linux 2.6.18.8. Also cleaning up the older version.
572
573 24 Feb 2007; Christian Heim <phreak@gentoo.org>
574 -hardened-sources-2.6.19-r3.ebuild, -hardened-sources-2.6.19-r4.ebuild,
575 -hardened-sources-2.6.19-r5.ebuild:
576 Removing some of the old version, that didn't work.
577
578 *hardened-sources-2.6.19-r6 (12 Feb 2007)
579
580 12 Feb 2007; Christian Heim <phreak@gentoo.org>
581 +hardened-sources-2.6.19-r6.ebuild:
582 Revision bump, including a new grsec version fixing #166235.
583
584 *hardened-sources-2.4.34 (24 Jan 2007)
585
586 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
587 Manifest:
588 updating Manifest with checksums of new tarball and ebuild
589
590 24 Jan 2007; Alexander Gabert <pappy@gentoo.org>
591 +hardened-sources-2.4.34.ebuild:
592 I added new hardened sources 2.4 update, this is a critical path
593 security bugfix - all users of h-s are strongly advised
594 to update their existing hardened sources to this version.
595 It contains a fix for a kernel vulnerability that is pertaining
596 to the PaX changes to virtual memory management, possibly leading
597 to a local kernel exploit ... see grsecurity.net forums and homepage
598
599 23 Jan 2007; Christian Heim <phreak@gentoo.org>
600 files/digest-hardened-sources-2.6.19-r5, Manifest:
601 Fixing the patch-tarball digest.
602
603 *hardened-sources-2.6.19-r5 (23 Jan 2007)
604
605 23 Jan 2007; Christian Heim <phreak@gentoo.org>
606 +hardened-sources-2.6.19-r5.ebuild:
607 Revision bump, closing the recently discovered PaX expand_stack()
608 vulnerability.
609
610 *hardened-sources-2.6.19-r4 (14 Jan 2007)
611
612 14 Jan 2007; Christian Heim <phreak@gentoo.org>
613 +hardened-sources-2.6.19-r4.ebuild:
614 Revision bump, pulling in linux-2.6.19.2 and grsecurity 2.1.10 - thus
615 dropping the randomized PID feature.
616
617 11 Jan 2007; Christian Faulhammer <opfer@gentoo.org>
618 hardened-sources-2.4.33.4.ebuild:
619 stable x86, bug #161171
620
621 *hardened-sources-2.6.19-r3 (27 Dec 2006)
622
623 27 Dec 2006; Christian Heim <phreak@gentoo.org>
624 -hardened-sources-2.6.19-r2.ebuild, +hardened-sources-2.6.19-r3.ebuild:
625 Revision bump for bug #157186 and #158786.
626
627 *hardened-sources-2.6.18-r4 (27 Dec 2006)
628
629 27 Dec 2006; Christian Heim <phreak@gentoo.org>
630 -hardened-sources-2.6.18-r3.ebuild, +hardened-sources-2.6.18-r4.ebuild:
631 Revision bump for bug #157186.
632
633 *hardened-sources-2.6.19-r2 (23 Dec 2006)
634
635 23 Dec 2006; Christian Heim <phreak@gentoo.org>
636 -hardened-sources-2.6.19-r1.ebuild, +hardened-sources-2.6.19-r2.ebuild:
637 Revision bump to pull in genpatches-2.6.19-3 for #157186.
638
639 17 Dec 2006; Christian Heim <phreak@gentoo.org>
640 hardened-sources-2.6.14-r7.ebuild, hardened-sources-2.6.16-r10.ebuild,
641 hardened-sources-2.6.16-r11.ebuild, hardened-sources-2.6.17-r1.ebuild,
642 hardened-sources-2.6.18.ebuild, hardened-sources-2.6.18-r3.ebuild,
643 hardened-sources-2.6.19-r1.ebuild:
644 Adding 4453_grsec-2.1.9-2.6.19-io-kmem-sysctl.patch to UNIPATCH_EXLUDE,
645 adding correct HOMEPAGE and adjusting DESCRIPTION (thanks to Alexander).
646
647 *hardened-sources-2.4.33.4 (17 Dec 2006)
648
649 17 Dec 2006; Alexander Gabert <pappy@gentoo.org>
650 +hardened-sources-2.4.33.4.ebuild:
651 new 2.4.33.4 version including grsec and fixes, thanks to phreak for help
652 and quilting
653
654 *hardened-sources-2.6.19-r1 (14 Dec 2006)
655
656 14 Dec 2006; Christian Heim <phreak@gentoo.org>
657 -hardened-sources-2.6.19.ebuild, +hardened-sources-2.6.19-r1.ebuild:
658 Revision bump, fixing #158107 (thanks to Petre Rodan <kaiowas at gentoo.org>
659 for reporting).
660
661 *hardened-sources-2.6.19 (13 Dec 2006)
662
663 13 Dec 2006; Christian Heim <phreak@gentoo.org>
664 +hardened-sources-2.6.19.ebuild:
665 And finally 2.6.19, thanks to Ned (who prepared the inital patchset) and
666 Brad for providing that prompt update.
667
668 *hardened-sources-2.6.18-r3 (13 Dec 2006)
669
670 13 Dec 2006; Christian Heim <phreak@gentoo.org>
671 -hardened-sources-2.6.18-r1.ebuild, -hardened-sources-2.6.18-r2.ebuild,
672 +hardened-sources-2.6.18-r3.ebuild:
673 Revision bump, excluding the faulty patch. Thanks to Anakim Border and Peter
674 S. Mazinger. Closes #157409 for now. Also removing the previous revisions.
675
676 09 Dec 2006; Christian Heim <phreak@gentoo.org> Manifest:
677 Fixing the metadata.xml Manifest entry (thanks to xaid and ml8128 in #gentoo-hardened).
678
679 08 Dec 2006; nixnut <nixnut@gentoo.org> hardened-sources-2.6.18.ebuild:
680 Stable on ppc wrt bug 157356
681
682 07 Dec 2006; Christian Faulhammer <opfer@gentoo.org>
683 hardened-sources-2.6.18.ebuild:
684 stable x86, bug #157356
685
686 *hardened-sources-2.6.18-r2 (06 Dec 2006)
687
688 06 Dec 2006; Christian Heim <phreak@gentoo.org>
689 +hardened-sources-2.6.18-r2.ebuild:
690 Revision bump, including 2.6.18.5 (via genpatches) and
691 4454_grsec-2.1.9-2.6.18.2-io-kmem-sysctl.patch based on Peter Mazinger and
692 Ned Ludd's original patch. Thanks to Alexander Gabert (pappy) for the
693 redesign.
694
695 06 Dec 2006; Christian Heim <phreak@gentoo.org>
696 hardened-sources-2.6.18.ebuild:
697 Marking hardened-sources-2.6.18 stable on amd64 (see bug #157356, on behalf
698 of Mike Doty).
699
700 *hardened-sources-2.6.18-r1 (23 Nov 2006)
701
702 23 Nov 2006; Christian Heim <phreak@gentoo.org>
703 +hardened-sources-2.6.18-r1.ebuild:
704 Revision bump to genpatches-2.6.18-4 (including 2.6.18.3).
705
706 *hardened-sources-2.6.18 (11 Nov 2006)
707
708 11 Nov 2006; Christian Heim <phreak@gentoo.org>
709 +hardened-sources-2.6.18.ebuild:
710 Version bump, thanks to Alexander Gabert we're finally at 2.6.18.
711
712 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
713 - mark amd64 stable also. bug #151877
714
715 18 Oct 2006; <solar@gentoo.org> hardened-sources-2.6.17-r1.ebuild:
716 - mark 2.6.17-r1 stable
717
718 27 Aug 2006; Christian Heim <phreak@gentoo.org>
719 -hardened-sources-2.6.17.ebuild, hardened-sources-2.6.17-r1.ebuild:
720 Removing old ebuild, removing unipatch from newer ebuild (need to fix it!).
721
722 *hardened-sources-2.6.17-r1 (26 Aug 2006)
723
724 26 Aug 2006; Christian Heim <phreak@gentoo.org>
725 +hardened-sources-2.6.17-r1.ebuild:
726 Revision bump to genpatches-2.6.17-8 (including .9 and .10) and updating the
727 grsecurity patch.
728
729 *hardened-sources-2.6.17 (17 Aug 2006)
730
731 17 Aug 2006; Christian Heim <phreak@gentoo.org>
732 +hardened-sources-2.6.17.ebuild:
733 Bumping the hardened-sources-2.6 series to 2.6.17, using
734 genpatches-2.6.17-6.base.
735
736 07 Aug 2006; <solar@gentoo.org> hardened-sources-2.6.16-r11.ebuild:
737 - stable on x86 and amd64
738
739 *hardened-sources-2.6.16-r11 (15 Jul 2006)
740
741 15 Jul 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r3.ebuild,
742 -hardened-sources-2.4.32-r4.ebuild, -hardened-sources-2.4.32-r5.ebuild,
743 -hardened-sources-2.6.14-r8.ebuild, -hardened-sources-2.6.16-r7.ebuild,
744 -hardened-sources-2.6.16-r9.ebuild, +hardened-sources-2.6.16-r11.ebuild:
745 - 2.6.16 bumped for CVE-2006-3626 ; digest fix for 2.4.32-r6 ; removed old
746 crusty ebuilds
747
748 14 Jul 2006; John Mylchreest <johnm@gentoo.org>
749 hardened-sources-2.6.16-r10.ebuild:
750 marking stable on x86 and amd64
751
752 13 Jul 2006; <solar@gentoo.org> hardened-sources-2.4.32-r6.ebuild:
753 - 2.4.32-r6 stable on x86. RSBAC state unknown
754
755 *hardened-sources-2.4.32-r7 (10 Jul 2006)
756
757 10 Jul 2006; Guillaume Destuynder <kang@gentoo.org>
758 +hardened-sources-2.4.32-r7.ebuild:
759 Bump PaX for RSBAC to test-17
760
761 *hardened-sources-2.6.16-r9 (03 Jul 2006)
762
763 03 Jul 2006; John Mylchreest <johnm@gentoo.org>
764 -hardened-sources-2.6.16-r6.ebuild, +hardened-sources-2.6.16-r9.ebuild:
765 hardened-sources-2.6.16 bump to latest -base.
766
767 *hardened-sources-2.4.32-r6 (30 Jun 2006)
768
769 30 Jun 2006; <solar@gentoo.org> -hardened-sources-2.4.32-r2.ebuild,
770 hardened-sources-2.4.32-r4.ebuild, +hardened-sources-2.4.32-r6.ebuild:
771 - backport CVE-2006-0039, CVE-2006-1857 and CVE-2006-1858 and new grsecurity
772 sysctl controlable resource logging
773
774 *hardened-sources-2.6.16-r7 (05 Jun 2006)
775
776 05 Jun 2006; John Mylchreest <johnm@gentoo.org>
777 -hardened-sources-2.6.16-r5.ebuild, +hardened-sources-2.6.16-r7.ebuild:
778 push new 2.6.16 release in preparation for stable
779
780 22 May 2006; <solar@gentoo.org> :
781 - redigest bug 134002
782
783 *hardened-sources-2.4.32-r5 (16 May 2006)
784
785 16 May 2006; Guillaume Destuynder <kang@gentoo.org>
786 +hardened-sources-2.4.32-r5.ebuild:
787 Fixes rsbac common patching (new patch in new -r5 patchset)
788
789 *hardened-sources-2.4.32-r4 (13 May 2006)
790
791 13 May 2006; <solar@gentoo.org> hardened-sources-2.4.32-r3.ebuild,
792 +hardened-sources-2.4.32-r4.ebuild:
793 - security bumps
794
795 *hardened-sources-2.6.16-r6 (03 May 2006)
796
797 03 May 2006; John Mylchreest <johnm@gentoo.org>
798 +hardened-sources-2.6.16-r6.ebuild:
799 bump hardened-2.6.16 to 2.6.16.12 and latest grsec snapshot
800
801 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
802 hardened-sources-2.6.14-r8.ebuild:
803 fix x86_64 build problem, this will delay the digest issue again for a short
804 while but it will sort itself out
805
806 28 Apr 2006; John Mylchreest <johnm@gentoo.org>
807 hardened-sources-2.6.14-r8.ebuild:
808 bump hardened patchset
809
810 27 Apr 2006; Alec Warner <antarus@gentoo.org>
811 files/digest-hardened-sources-2.4.32-r2,
812 files/digest-hardened-sources-2.4.32-r3,
813 files/digest-hardened-sources-2.6.14-r8, Manifest:
814 Fixing duff SHA256 digests: Bug # 131293
815
816 *hardened-sources-2.6.16-r5 (27 Apr 2006)
817
818 27 Apr 2006; John Mylchreest <johnm@gentoo.org>
819 -hardened-sources-2.6.14-r6.ebuild, hardened-sources-2.6.14-r8.ebuild,
820 -hardened-sources-2.6.16-r4.ebuild, +hardened-sources-2.6.16-r5.ebuild:
821 stablise 2.6.14-r8 on x86 & amd64, bump 2.6.16 to fix CVE-2006-1863 &
822 cleanup of old uneccessary sources
823
824 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
825 fix digest
826
827 *hardened-sources-2.6.14-r8 (20 Apr 2006)
828
829 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
830 +hardened-sources-2.6.14-r8.ebuild:
831 fix CVE-2006-1056, CVE-2006-1525, CVE-2006-1524
832
833 20 Apr 2006; John Mylchreest <johnm@gentoo.org> ChangeLog:
834 Turning on gpg-signing again, and recomitting
835
836 *hardened-sources-2.6.16-r4 (20 Apr 2006)
837
838 20 Apr 2006; John Mylchreest <johnm@gentoo.org>
839 -hardened-sources-2.6.16-r2.ebuild, -hardened-sources-2.6.16-r3.ebuild,
840 +hardened-sources-2.6.16-r4.ebuild:
841 Fix numerous security vulns
842
843 *hardened-sources-2.4.32-r3 (16 Apr 2006)
844
845 16 Apr 2006; <solar@gentoo.org> -hardened-sources-2.4.30-r1.ebuild,
846 -hardened-sources-2.4.31.ebuild, -hardened-sources-2.4.32-r1.ebuild,
847 +hardened-sources-2.4.32-r3.ebuild, -hardened-sources-2.4.32.ebuild:
848 - security bump for bug #112791. Removed old ebuilds
849
850 *hardened-sources-2.6.16-r3 (15 Apr 2006)
851
852 15 Apr 2006; John Mylchreest <johnm@gentoo.org>
853 +hardened-sources-2.6.16-r3.ebuild:
854 Removing silly localversion which I missed
855
856 *hardened-sources-2.6.14-r7 (14 Apr 2006)
857
858 14 Apr 2006; John Mylchreest <johnm@gentoo.org>
859 -hardened-sources-2.6.14-r5.ebuild, +hardened-sources-2.6.14-r7.ebuild:
860 Fixes CVE-2006-0744, CVE-2006-0744, CVE-2006-1522, CVE-2006-1242
861
862 *hardened-sources-2.6.16-r2 (13 Apr 2006)
863
864 13 Apr 2006; John Mylchreest <johnm@gentoo.org>
865 -hardened-sources-2.6.16.ebuild, -hardened-sources-2.6.16-r1.ebuild,
866 +hardened-sources-2.6.16-r2.ebuild:
867 Removing vulnerable 2.6.16 kernels. Bumping grsec, re-enabling reiserfs sec
868 labels, dropping USERGROUP define fixes, since these were merged mainstream.
869
870 *hardened-sources-2.6.16-r1 (11 Apr 2006)
871
872 11 Apr 2006; John Mylchreest <johnm@gentoo.org>
873 +hardened-sources-2.6.16-r1.ebuild:
874 Bumping to include ppc build fix and 2.6.16.3
875
876 06 Apr 2006; Joshua Jackson <tsunam@gentoo.org>
877 hardened-sources-2.6.14-r6.ebuild:
878 Stable on x86; bug #127718
879
880 *hardened-sources-2.6.16 (31 Mar 2006)
881
882 31 Mar 2006; John Mylchreest <johnm@gentoo.org>
883 +hardened-sources-2.6.16.ebuild:
884 Bumping to new version of grsec, and kernel base. New squashfs. Based on
885 2.6.16.1
886
887 30 Mar 2006; Marcus D. Hanwell <cryos@gentoo.org>
888 hardened-sources-2.6.14-r6.ebuild:
889 Stable on amd64, bug 127718.
890
891 28 Mar 2006; <nixnut@gentoo.org> hardened-sources-2.6.14-r6.ebuild:
892 Stable on ppc. Bug #127718
893
894 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
895 -hardened-sources-2.6.11-r15.ebuild, -hardened-sources-2.6.14-r3.ebuild,
896 -hardened-sources-2.6.14-r4.ebuild:
897 Cleanup.
898
899 *hardened-sources-2.6.14-r6 (15 Mar 2006)
900
901 15 Mar 2006; John Mylchreest <johnm@gentoo.org>
902 +hardened-sources-2.6.14-r6.ebuild:
903 Fixes grsec policy recreation bug and adds a
904 >=sys-apps/gradm-2.1.8.200601212342-r1 depend.
905
906 02 Mar 2006; <solar@gentoo.org> hardened-sources-2.4.32-r2.ebuild:
907 - stable on x86
908
909 19 Feb 2006; Michael Hanselmann <hansmi@gentoo.org>
910 hardened-sources-2.6.14-r5.ebuild:
911 Stable on ppc.
912
913 *hardened-sources-2.6.14-r5 (01 Feb 2006)
914
915 01 Feb 2006; John Mylchreest <johnm@gentoo.org>
916 +hardened-sources-2.6.14-r5.ebuild:
917 fixing every known exploit
918
919 *hardened-sources-2.4.32-r2 (26 Jan 2006)
920
921 26 Jan 2006; <solar@gentoo.org> hardened-sources-2.4.32-r1.ebuild,
922 +hardened-sources-2.4.32-r2.ebuild:
923 - mark 2.4.32-r1 stable. added 2.4.32-r2 with 2.1.8-grsec patch
924
925 *hardened-sources-2.6.14-r4 (12 Jan 2006)
926
927 12 Jan 2006; <solar@gentoo.org> +hardened-sources-2.6.14-r4.ebuild:
928 - version bump for new genpatches which fix up a few sec holes
929
930 *hardened-sources-2.4.32-r1 (05 Jan 2006)
931
932 05 Jan 2006; <solar@gentoo.org> +hardened-sources-2.4.32-r1.ebuild:
933 - revision bump to add misc vital linux kernel security patches.
934
935 *hardened-sources-2.6.14-r3 (30 Dec 2005)
936
937 30 Dec 2005; John Mylchreest <johnm@gentoo.org>
938 -hardened-sources-2.6.14-r2.ebuild, +hardened-sources-2.6.14-r3.ebuild:
939 Marking stable, and bumping for sec vuln. Fixes bugs #117171, #117040
940
941 28 Dec 2005; John Mylchreest <johnm@gentoo.org>
942 hardened-sources-2.6.14-r2.ebuild:
943 making x86 & amd64 stable following testing.
944
945 *hardened-sources-2.6.14-r2 (27 Dec 2005)
946
947 27 Dec 2005; John Mylchreest <johnm@gentoo.org>
948 -hardened-sources-2.6.14-r1.ebuild, +hardened-sources-2.6.14-r2.ebuild:
949 Fixing bugs 116832 115771 114635, updating grsec, removing selinux/pax
950 network hooks.
951
952 06 Dec 2005; John Mylchreest <johnm@gentoo.org>
953 hardened-sources-2.6.14-r1.ebuild:
954 bumping to stable early for sec fix on x86 & amd64
955
956 *hardened-sources-2.6.14-r1 (05 Dec 2005)
957
958 05 Dec 2005; John Mylchreest <johnm@gentoo.org>
959 -hardened-sources-2.6.14.ebuild, +hardened-sources-2.6.14-r1.ebuild:
960 bumping to genpatches 2.6.14-5, security fixup. Also bumping grsec patchset.
961
962 04 Dec 2005; <solar@gentoo.org> hardened-sources-2.4.32.ebuild:
963 - stable on x86 security bug #114227 CAN-2005-3257
964
965 *hardened-sources-2.4.32 (19 Nov 2005)
966
967 19 Nov 2005; Guillaume Destuynder <kang@gentoo.org>
968 +hardened-sources-2.4.32.ebuild:
969 Bump to 2.4.32, includes RSBAC+PaX patchset with a local 'rsbac' keyword.
970 Add the 'rsbac' USE flag in /etc/portage/package.use for hardened-sources to
971 have RSBAC instead of GrSecurity patchset. (echo sys-kernel/hardened-sources
972 rsbac >> /etc/portage/package.use)
973
974 *hardened-sources-2.6.14 (14 Nov 2005)
975
976 14 Nov 2005; John Mylchreest <johnm@gentoo.org>
977 -hardened-sources-2.6.13-r2.ebuild, +hardened-sources-2.6.14.ebuild:
978 Bumping 2.6 series to 2.6.14.2
979
980 *hardened-sources-2.6.13-r2 (20 Oct 2005)
981
982 20 Oct 2005; John Mylchreest <johnm@gentoo.org>
983 -hardened-sources-2.6.13.ebuild, -hardened-sources-2.6.13-r1.ebuild,
984 +hardened-sources-2.6.13-r2.ebuild:
985 Fixes minor build error in ppc.
986
987 *hardened-sources-2.6.13-r1 (17 Oct 2005)
988
989 17 Oct 2005; John Mylchreest <johnm@gentoo.org>
990 +hardened-sources-2.6.13-r1.ebuild:
991 Updating grsec to latest snapshot. Fixes some minor issues. Updating to
992 2.6.13.4, fixes some major amd64 stability problems.
993
994 *hardened-sources-2.6.13 (16 Sep 2005)
995
996 16 Sep 2005; John Mylchreest <johnm@gentoo.org>
997 -hardened-sources-2.6.11-r14.ebuild, +hardened-sources-2.6.13.ebuild:
998 2.6.13.1 with grsec testing patches. Lots of changes, to name a few big
999 ones: inotify now in kernel, RBAC has moved to chained-hash tables so RBAC
1000 users should test this thoroughly.
1001
1002 01 Jul 2005; <solar@gentoo.org> hardened-sources-2.4.31.ebuild:
1003 - stable on x86
1004
1005 *hardened-sources-2.6.11-r15 (27 Jun 2005)
1006
1007 27 Jun 2005; John Mylchreest <johnm@gentoo.org>
1008 +hardened-sources-2.6.11-r15.ebuild:
1009 Fixes CAN-2005-1763, CAN-2005-1265 & CAN-2005-176. Also fixes problem with
1010 grsec redefining curr_ip struct.
1011
1012 *hardened-sources-2.4.31 (20 Jun 2005)
1013
1014 20 Jun 2005; <solar@gentoo.org> +hardened-sources-2.4.31.ebuild:
1015 initial import of 2.4.31 tree
1016
1017 *hardened-sources-2.6.11-r14 (14 Jun 2005)
1018
1019 14 Jun 2005; John Mylchreest <johnm@gentoo.org>
1020 -hardened-sources-2.6.11-r13.ebuild, +hardened-sources-2.6.11-r14.ebuild:
1021 Updating inotify, grsec, updating to 11-14 genpatches.base, restructuring
1022 naming scheme to abide by genpatches
1023
1024 *hardened-sources-2.6.11-r13 (18 May 2005)
1025
1026 18 May 2005; John Mylchreest <johnm@gentoo.org>
1027 -hardened-sources-2.6.11-r12.ebuild, +hardened-sources-2.6.11-r13.ebuild:
1028 Managed to mangle the Makefile patch from grsec, to miss out the grsec
1029 target. sorry about that. Fixes bug #93022
1030
1031 *hardened-sources-2.6.11-r12 (17 May 2005)
1032
1033 17 May 2005; John Mylchreest <johnm@gentoo.org>
1034 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1035 +hardened-sources-2.6.11-r12.ebuild:
1036 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1037 merges in genpatches-base
1038
1039 *hardened-sources-2.6.11-r12 (17 May 2005)
1040
1041 17 May 2005; John Mylchreest <johnm@gentoo.org>
1042 -hardened-sources-2.6.10-r3.ebuild, -hardened-sources-2.6.11-r1.ebuild,
1043 +hardened-sources-2.6.11-r12.ebuild:
1044 Cleanup older sources. Update to 2.6.11.10 - fixes several sec vulns. Also
1045 merges in genpatches-base
1046
1047 29 Apr 2005; <solar@gentoo.org> -files/2.4.27-CAN-2004-0394.patch,
1048 -files/2.4.27-cmdline-race.patch,
1049 -files/2.4.28-grsec-2.1.0-pax-mmap-pgtables.patch,
1050 -files/2.4.28-grsec-binfmt_a.out.patch,
1051 -files/2.4.28-grsec-cmdline-race.patch,
1052 -files/2.4.28-selinux-binfmt_a.out.patch,
1053 -files/2.4.28-selinux-cmdline-race.patch,
1054 -hardened-sources-2.4.28-r5.ebuild, -hardened-sources-2.4.29.ebuild,
1055 hardened-sources-2.4.30-r1.ebuild, -hardened-sources-2.4.30.ebuild:
1056 - mark .30-r1 stable and remove older vuln ebuilds from the tree. filesdir
1057 cleanup..
1058
1059 *hardened-sources-2.4.30-r1 (21 Apr 2005)
1060
1061 21 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30-r1.ebuild:
1062 - disable aout by default
1063
1064 *hardened-sources-2.4.30 (18 Apr 2005)
1065
1066 18 Apr 2005; <solar@gentoo.org> +hardened-sources-2.4.30.ebuild:
1067 - 2.4.30 version bump. Adds 4008_CAN-2004-1056 back which was lost in 2.4.29
1068 and an optional optimize for size -Os patch with a gcc-3.4 fix for embedded
1069 use
1070
1071 *hardened-sources-2.4.29 (30 Mar 2005)
1072
1073 30 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1074 +hardened-sources-2.4.29.ebuild:
1075 New hardened-patches-2.4-29.0 patchball.
1076 Removed SELinux support, upgraded GRSecurity to 2.1.4.
1077
1078 *hardened-sources-2.4.28-r5 (06 Mar 2005)
1079
1080 06 Mar 2005; Andrea Luzzardi <scox@gentoo.org>
1081 +hardened-sources-2.4.28-r5.ebuild:
1082 Added a fix for a PaX vulnerability.
1083
1084 26 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1085 hardened-sources-2.4.28-r4.ebuild:
1086 Stable on x86
1087
1088 23 Jan 2005; <solar@gentoo.org> hardened-sources-2.4.27-r3.ebuild,
1089 hardened-sources-2.4.28-r1.ebuild, hardened-sources-2.4.28-r2.ebuild,
1090 hardened-sources-2.4.28-r3.ebuild, hardened-sources-2.4.28-r4.ebuild,
1091 hardened-sources-2.4.28.ebuild, hardened-sources-2.6.10-r3.ebuild:
1092 - fixed/added RDEPEND= in all kernel-2 ebuilds
1093
1094 *hardened-sources-2.4.28-r4 (21 Jan 2005)
1095
1096 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1097 +hardened-sources-2.4.28-r4.ebuild:
1098 Fix vc_resize local DoS, ip_options_get memory leak, and ARP bug in 2.4
1099 backport of neighbour hash updates.
1100
1101 21 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1102 hardened-sources-2.4.28-r3.ebuild:
1103 Stable on x86
1104
1105 *hardened-sources-2.6.10-r3 (20 Jan 2005)
1106
1107 20 Jan 2005; Brandon Hale <tseng@gentoo.org>
1108 +hardened-sources-2.6.10-r3.ebuild:
1109 Dual commit hardened-(dev-)sources-2.6.10 to here for the upcoming merge
1110 in 2005.0
1111
1112 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1113 -hardened-sources-2.4.27-r2.ebuild, hardened-sources-2.4.28-r1.ebuild,
1114 hardened-sources-2.4.28-r2.ebuild:
1115 Mark stable on x86
1116
1117 *hardened-sources-2.4.28-r3 (17 Jan 2005)
1118
1119 17 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1120 +hardened-sources-2.4.28-r3.ebuild:
1121 Fix SMP page fault handler vuln, and update device-mapper and evms patches.
1122
1123 14 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1124 hardened-sources-2.4.28.ebuild:
1125 Mark stable on x86.
1126
1127 *hardened-sources-2.4.28-r2 (13 Jan 2005)
1128
1129 13 Jan 2005; Adam Mondl <tocharian@gentoo.org>
1130 +hardened-sources-2.4.28-r2.ebuild:
1131 Updates security fixes and adds squashfs 2.1 support. Thanks to Peter S.
1132 Mazinger for grsecurity patches as well.
1133
1134 *hardened-sources-2.4.28-r1 (23 Dec 2004)
1135
1136 23 Dec 2004; <plasmaroo@gentoo.org> +hardened-sources-2.4.28-r1.ebuild:
1137 Security bump. Thank tocharian for rolling a new patchset...
1138
1139 28 Nov 2004; <solar@gentoo.org> +files/2.4.28-grsec-binfmt_a.out.patch,
1140 +files/2.4.28-grsec-cmdline-race.patch,
1141 +files/2.4.28-selinux-binfmt_a.out.patch,
1142 +files/2.4.28-selinux-cmdline-race.patch, hardened-sources-2.4.28.ebuild:
1143 - Round up remaining security patches that appear to be missing in 2.4.28. -
1144 PaX standalone updated to current. hgpv=28.1
1145
1146 *hardened-sources-2.4.28 (28 Nov 2004)
1147
1148 28 Nov 2004; <solar@gentoo.org> +hardened-sources-2.4.28.ebuild:
1149 security bump. Thank tocharian for rolling a new patchset
1150
1151 *hardened-sources-2.4.27-r3 (08 Sep 2004)
1152
1153 08 Sep 2004; Andrea Luzzardi <scox@gentoo.org>
1154 +hardened-sources-2.4.27-r3.ebuild:
1155 Applies the new 2.4-27.2 patchball which updates
1156 GRSecurity to the 2.0.1 version.
1157
1158 *hardened-sources-2.4.27-r2 (31 Aug 2004)
1159
1160 31 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1161 +hardened-sources-2.4.27-r2.ebuild:
1162 Version bump.
1163 This version uses the new 2.4-27.1 patchball which updates
1164 both the SELinux PaX hooks patch and the SELinux headers.
1165
1166 *hardened-sources-2.4.27-r1 (09 Aug 2004)
1167
1168 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1169 +hardened-sources-2.4.27-r1.ebuild,
1170 -hardened-sources-2.4.27.ebuild,
1171 +files/2.4.27-cmdline-race.patch:
1172 Version bump, fix for cmdline race. See bug #59905.
1173
1174 *hardened-sources-2.4.26-r6 (09 Aug 2004)
1175
1176 09 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1177 +hardened-sources-2.4.26-r6.ebuild,
1178 -hardened-sources-2.4.26-r5.ebuild,
1179 -hardened-sources-2.4.26-r4.ebuild,
1180 +files/2.4.26-cmdline-race.patch:
1181 Version bump, fix for cmdline race. See bug #59905.
1182
1183 *hardened-sources-2.4.27 (08 Aug 2004)
1184
1185 08 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1186 +hardened-sources-2.4.27.ebuild,
1187 +files/2.4.27-CAN-2004-0394.patch:
1188 Ported the patchball to the 2.4.27 kernel version.
1189
1190 *hardened-sources-2.4.26-r5 (07 Aug 2004)
1191
1192 07 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1193 +hardened-sources-2.4.26-r5.ebuild:
1194 Updated to use the new hardened-patches-2.4-26.1 patchball.
1195 It adds the following features:
1196 - Squashfs
1197 - Ebtables
1198 - Netdev random (core+drivers)
1199 - Watchdog Timer (WDT) fix.
1200
1201 *hardened-sources-2.4.26-r4 (04 Aug 2004)
1202
1203 04 Aug 2004; Andrea Luzzardi <scox@gentoo.org>
1204 +hardened-sources-2.4.26-r4.ebuild,
1205 +files/2.4.26-CAN-2004-0415.patch,
1206 -hardened-sources-2.4.26-3:
1207 Version bump, fix for CAN 0415, see bug #59378.
1208
1209 *hardened-sources-2.4.26-r3 (22 Jul 2004)
1210
1211 22 Jul 2004; Andrea Luzzardi <scox@gentoo.org>
1212 +hardened-sources-2.4.26-r3.ebuild,
1213 +files/2.4.26-CAN-2004-0497.patch,
1214 -hardened-sources-2.4.26-r2.ebuild:
1215 Version bump, fixed CAN 0497, see bug #56171.
1216
1217 *hardened-sources-2.4.26-r2 (29 Jun 2004)
1218
1219 29 Jun 2004; Andrea Luzzardi <scox@gentoo.org>
1220 +hardened-sources-2.4.26-r2.ebuild,
1221 +files/2.4.26-CAN-2004-0495.patch,
1222 +files/2.4.26-CAN-2004-0535.patch,
1223 -hardened-sources-2.4.26-r1.ebuild:
1224 Fixes for both CAN 0495 and 0535, see bug #54976
1225
1226 23 Jun 2004; Aron Griffis <agriffis@gentoo.org>
1227 hardened-sources-2.4.26-r1.ebuild:
1228 QA - fix use invocation
1229
1230 *hardened-sources-2.4.26-r1 (22 June 2004)
1231
1232 22 June 2004; Andrea Luzzardi <scox@gentoo.org>
1233 +hardened-sources-2.4.26-r1.ebuild,
1234 +files/2.4.26-CAN-2004-0394.patch,
1235 +files/2.4.26-signal-race.patch,
1236 -hardened-sources-2.4.26.ebuild,
1237 -hardened-sources-2.4.24-r3.ebuild:
1238 Version bump for the CAN-2004-0394 issue and bug #53804
1239 Marked 2.4.26-r1 as stable, removed 2.4.26 and 2.4.24-r3
1240
1241
1242 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1243 hardened-sources-2.4.24-r3.ebuild, hardened-sources-2.4.26.ebuild:
1244 Masked hardened-sources-2.4.26.ebuild broken for ppc
1245
1246 31 May 2004; Pieter Van den Abeele <pvdabeel@gentoo.org>
1247 hardened-sources-2.4.24-r3.ebuild:
1248 Masked hardened-sources-2.4.24-r3.ebuild broken for ppc
1249
1250 *hardened-sources-2.4.26 (29 May 2004)
1251
1252 29 May 2004; Andrea Luzzardi <scox@gentoo.org>
1253 +hardened-sources-2.4.26.ebuild:
1254 Updated hardened-sources for the 2.4.26 kernel
1255 Removed broken components, updated almost everything.
1256
1257 *hardened-sources-2.4.24-r3 (17 Apr 2004)
1258
1259 17 Apr 2004; <plasmaroo@gentoo.org>
1260 +files/hardened-sources-2.4.24.CAN-2004-0010.patch,
1261 +files/hardened-sources-2.4.24.CAN-2004-0177.patch,
1262 +files/hardened-sources-2.4.24.CAN-2004-0178.patch,
1263 +hardened-sources-2.4.24-r3.ebuild:
1264 Added patches for the CAN-2004-0010, CAN-2004-0177 and CAN-2004-0178
1265 vulnerabilities. Old revisions removed.
1266
1267 *hardened-sources-2.4.24-r2 (15 Apr 2004)
1268
1269 15 Apr 2004; <plasmaroo@gentoo.org>
1270 +files/hardened-sources-2.4.24.CAN-2004-0109.patch,
1271 -hardened-sources-2.4.24-r1.ebuild, +hardened-sources-2.4.24-r2.ebuild:
1272 Version bump for the CAN-2004-0109 issue; bug #47881.
1273
1274 12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
1275 hardened-sources-2.4.22-r2.ebuild, hardened-sources-2.4.24-r1.ebuild:
1276 Add eutils to inherit.
1277
1278 *hardened-sources-2.4.24-r1 (19 Feb 2004)
1279
1280 19 Feb 2004; <plasmaroo@gentoo.org> hardened-sources-2.4.24-r1.ebuild,
1281 files/hardened-sources-2.4.24.munmap.patch:
1282 Added the patch for the mremap/munmap vulnerability. Bug #42024.
1283
1284 *hardened-sources-2.4.24 (06 Feb 2004)
1285
1286 06 Feb 2004; Andrea Luzzardi <scox@gentoo.org>
1287 hardened-sources-2.4.24.ebuild:
1288 Version bump, updated most of the components.
1289 This release includes the following:
1290
1291 - Hardened security
1292 - Netfilter patch-o-matic 20031219
1293 - FreeSWAN 2.04 & x509 1.4.8
1294 - EVMS 2.2.2
1295 - XFS 1.3.1
1296 - cryptoloop jari
1297 - grsecurity 2.0-rc4
1298 - SELinux
1299 - PaX 200402060000
1300 - PaX Obscurity 200308302223
1301 - Others...
1302
1303 Neither -ck nor systrace are included anymore.
1304
1305 *hardened-sources-2.4.22-r2 (05 Jan 2004)
1306
1307 05 Jan 2004; Andrea Luzzardi <scox@gentoo.org>
1308 hardened-sources-2.4.22-r2.ebuild:
1309 Version bump for the 'mremap' and the 'rtc' vulnerabilities.
1310
1311 *hardened-sources-2.4.22-r1 (02 Dec 2003)
1312
1313 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1314 hardened-sources-2.4.22-r1.ebuild: Fix up a little booboo from earlier.
1315
1316 02 Dec 2003; Brian Jackson <iggy@gentoo.org>
1317 hardened-sources-2.4.22-r1.ebuild:
1318 Version bump for the 'do_brk' vulnerability.
1319
1320 01 Dec 2003; Brian Jackson <iggy@gentoo.org>
1321 hardened-sources-2.4.20-r2.ebuild, hardened-sources-2.4.20-r3.ebuild,
1322 hardened-sources-2.4.20-r4.ebuild, hardened-sources-2.4.21.ebuild,
1323 hardened-sources-2.4.22.ebuild, files/do_brk_fix.patch:
1324 Fix the 'do_brk' vulnerability.
1325
1326 03 Nov 2003; Matthew Rickard <frogger@gentoo.org>
1327 hardened-sources-2.4.22.ebuild:
1328 - Removed the src_install() portion for SELinux flask
1329 components. These are no longer handled in the kernel
1330 so this code was not necessary.
1331
1332 29 Oct 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.22.ebuild:
1333 New 2.4.22 based hardened-sources thanks to
1334 Phil West <p.west@computer.org>.
1335
1336 These sources include:
1337 - New SELinux API
1338 - Updated CK-base
1339 - Updated GRSec
1340 - Systrace
1341 - SuperFreeS/WAN 1.99.8
1342 - Propolice kernel build support
1343 - EVMS
1344 - Other various security related patches
1345
1346 *hardened-sources-2.4.21 (14 Sep 2003)
1347
1348 14 Sep 2003; Matthew Rickard <frogger@gentoo.org> hardened-sources-2.4.21.ebuild:
1349 Updated hardened-sources based on the 2.4.21 Linux kernel.
1350 This includes updates to most major components such as:
1351 - ck-base-0306300059
1352 - selinux-2.4-2003071106
1353 - grsecurity-2.0-rc1
1354 - Updated IPTables patch-o-matic
1355 - Updated SuperFreeS/WAN
1356
1357 Thanks to Phil West <pwest@computer.org> for his work in getting this
1358 updated patch set ready for the 2.4.21 based kernel.
1359
1360 16 Jun 2003; Matthew Rickard <frogger@gentoo.org> :
1361 Initial import of hardened-sources-2.4.20-r4. This revision
1362 includes only a few changes, but one of these is an important
1363 security fix. It is recommended all users of hardened-sources
1364 upgrade to this release.
1365
1366 - ioperm bug fix
1367 - fixed compilation failure when building without GRSec
1368
1369 SAL (Secure Auditing for Linux) is NOT included in this revision
1370 due to time constraints, but is planned for inclusion in the near
1371 future.
1372
1373 *hardened-sources-2.4.20-r2 (12 Jun 2003)
1374
1375 12 Jun 2003; <msterret@gentoo.org> hardened-sources-2.4.20-r2.ebuild,
1376 hardened-sources-2.4.20-r3.ebuild:
1377 Add Header...
1378
1379 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1380 hardened-sources-2.4.20-r3.ebuild:
1381 Removed warnings from ebuild. This kernel should be safe to
1382 use at this point.
1383
1384 *hardened-sources-2.4.20-r3 (08 Jun 2003)
1385
1386 08 Jun 2003; Matthew Rickard <frogger@gentoo.org>
1387 hardened-sources-2.4.20-r3.ebuild:
1388 New revision. Includes the following changes over -r2:
1389
1390 - ck7-base (O(1), preempt, low latency)
1391 - Super FreeS/WAN 1.99.7rc2
1392 - PaX for the LSM/SELinux branch
1393 - GRSecurity 2.0-pre4 (role based access control)
1394 - Systrace 1.3
1395 - EXT3 fixes
1396 - EVMS 2.0.1
1397 - GCC 3.1+ compile optimizations
1398 - ProPolice kernel build support
1399 - Hashing table security fixes
1400
1401 *hardened-sources-2.4.20-r1 (09 Apr 2003)
1402
1403 23 Apr 2003; Matthew Rickard <frogger@gentoo.org> Manifest:
1404 Initial import of hardened-sources-r2. This new
1405 ebuild includes many new performance and security
1406 related patches. As in -r1, it will patch in
1407 LSM/SELinux if "selinux" is in USE, otherwise it
1408 will patch in GRSecurity. The following patches
1409 are included in this revision:
1410
1411 - O(1) Scheduler, Low Latency, and Preempt
1412 (pulled from the base CK patch)
1413 - ptrace exploit patch for the LSM kernel
1414 (the GRSec patch already fixes this)
1415 - LSM 2.4-2003040709
1416 - SELinux 2.4-2003040709
1417 - Systrace v1.2
1418 - IPTables patch-o-matic base patches - 20030107
1419 - CryptoAPI 2.4.20.1 w/ loop-jari patch
1420 - Super FreeS/WAN 1.99.6.1
1421 - GRSecurity 1.9.9g
1422 - MPPE
1423 - EXT3 data journal fix
1424 - CIPE 1.5.4
1425
1426 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1427 hardened-sources-2.4.20-r1.ebuild, manifest:
1428 Updated to install flask components correctly for selinux.
1429
1430 12 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1431 hardened-sources-2.4.20-r1.ebuild:
1432 LSM/SELinux is now patched in when "selinux" is in USE. Otherwise, GRSecurity
1433 is patched in instead. Ptrace patches for selinux have also been added. In
1434 either case, systrace support will be patched in as well.
1435
1436 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1437 hardened-sources-2.4.20-r1.ebuild, hardened-sources-2.4.20.ebuild, manifest:
1438 Revision bump for new sources.
1439
1440 09 Apr 2003; Matthew Rickard <frogger@gentoo.org>
1441 hardened-sources-2.4.20-r1.ebuild:
1442 Now includes LSM1, GRSec-2.0-pre1, and systrace-v1.2.
1443
1444 *hardened-sources-2.4.20 (30 Mar 2003)
1445
1446 30 Mar 2003; Joshua Brindle <method@gentoo.org>
1447 hardened-sources-2.4.20.ebuild:
1448 Initial import, only has systrace support.

  ViewVC Help
Powered by ViewVC 1.1.20