* Sat Jun 7 2008 Corey Henderson - revision 7 - added CVE-2008-1673 patch from upstream 2.6.25.5 * Wed Jun 4 2008 Corey Henderson - revision 6 - updated PaX patch to test 53 - added compatible upstream kernel patches from 2.6.25 rc2 thru rc9 * Mon Jun 2 2008 Corey Henderson - revision 5 - updated PaX patch to test52 and removed PaX 2.6.25 back-ports as they were included in the upstream 2.6.24.7-test51-to-52 update * Fri May 30 2008 Corey Henderson - revision 4 - added compatible upstream kernel patches from 2.6.25-rc8 and 9 * Thu May 29 2008 Corey Henderson - revision 3 - added "chocolate" package for non-grsec, non-pax, non-vanilla builds - added back-ported PaX update from 2.6.25.4-test19 and 20 - added the PaX back-ports to the "paxonly" build process - added CVE-2007-6282.patch - added CVE-2008-0010.patch - added CVE-2008-2137.patch - added x86_fix_vsyscall_wreckage.patch and the pax varient - added linux-2.6.9-bonding-fix-stats-race.patch - added linux-2.6-remove-devkmem patch - added compatible upstream kernel patches from 2.6.25 thru 2.6.25.4 * Sun May 25 2008 Corey Henderson - revision 2 - added patch to update normal grsecurity's PaX from test48 to test51 - added some back-ported PaX updates from 2.6.25.4-test16, 17, and 18 * Thu May 22 2008 Corey Henderson - updated PaX patch to test51 - split version macro in two: kvmajor and kvminor - removed the "iptables-stealth" from provides section * Wed May 21 2008 Corey Henderson - updated PaX patch to test50 * Mon May 19 2008 Corey Henderson - updated kernel to 2.6.24.7 - updated grsecurity patch to 200805121951 - updated PaX patch to test48 - added CVE-2008-2136 patch - added CVE-2008-2148 patch * Tue Apr 22 2008 Corey Henderson - replaced kernel config with fc8's 2.6.24.4, with a few modifications - added the creation of a -devel package - removed modules.* since they are created at rpm -i time via depmod * Mon Apr 21 2008 Corey Henderson - updated kernel to 2.6.24.5 - updated grsecurity patch to 200804211829 - renamed PaX test42 patch to 2.6.24.5, since it still applies cleanly * Thu Apr 17 2008 Corey Henderson - updated grsecurity patch to 200804171953 * Mon Apr 14 2008 Corey Henderson - updated PaX patch to test42 - updated grsecurity patch to 200804142048 * Wed Apr 11 2008 Corey Henderson - updated PaX patch to test41 - added GPG signature to RPMs - unset CONFIG_GRKERNSEC_HIDESYM in grsecurity config * Wed Apr 9 2008 Corey Henderson - updated PaX patch to test40 * Tue Apr 8 2008 Corey Henderson - added "--with vanilla" option to build a vanilla kernel - replaced config patches with the use of merge.pl and a minimal config for each different package varient * Mon Apr 7 2008 Corey Henderson - updated grsecurity patch to 200804072155 - changed package name to "kernel-grsec" so other packages can be built, eg; kernel-grsec-nopax, kernel-grsec-desktop, kernel-pax, etc - removed -xen package and updated docs saying if you want to use xen, use the -nopax release - added ability to build a kernel with just the PaX patch * Thu Apr 3 2008 Corey Henderson - added "pax-linux" to list of "Provides" on non "--without pax" builds - kernel-xen now provides grsecurity * Sun Mar 30 2008 Corey Henderson - added "--with desktop" option to build the kernel w/o options that prevent an X servers from running. This also appends .desktop to the release - there is now just one config file; the --without pax switch uses a new patch to remove the PaX options from the source config file * Fri Mar 28 2008 Corey Henderson - Rebuild with modules marked as executeable to have rpmbuild strip them - added debuginfo package to contain a non-stripped vmlinux image * Thu Mar 27 2008 Corey Henderson - Initial build of kernel 2.6.24.4 with grsecurity 200803262003