From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 70089139694 for ; Wed, 19 Apr 2017 15:17:32 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id ABE77E0C7C; Wed, 19 Apr 2017 15:17:31 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 78EA2E0C7C for ; Wed, 19 Apr 2017 15:17:31 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 2423E33FE49 for ; Wed, 19 Apr 2017 15:17:30 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 8C313742A for ; Wed, 19 Apr 2017 15:17:28 +0000 (UTC) From: "Anthony G. Basile" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Anthony G. Basile" Message-ID: <1492615043.36f4e187bde9761892eed85c92149f2bccc2db1d.blueness@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: sys-kernel/hardened-sources/ X-VCS-Repository: repo/gentoo X-VCS-Files: sys-kernel/hardened-sources/Manifest sys-kernel/hardened-sources/hardened-sources-4.9.23.ebuild X-VCS-Directories: sys-kernel/hardened-sources/ X-VCS-Committer: blueness X-VCS-Committer-Name: Anthony G. Basile X-VCS-Revision: 36f4e187bde9761892eed85c92149f2bccc2db1d X-VCS-Branch: master Date: Wed, 19 Apr 2017 15:17:28 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 9b669612-be1f-47e8-a229-6038c0d4a5d5 X-Archives-Hash: 2402154c56bb1d84de6d264ed5cce1ce commit: 36f4e187bde9761892eed85c92149f2bccc2db1d Author: Anthony G. Basile gentoo org> AuthorDate: Wed Apr 19 15:17:01 2017 +0000 Commit: Anthony G. Basile gentoo org> CommitDate: Wed Apr 19 15:17:23 2017 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36f4e187 sys-kernel/hardened-sources: version bump to 4.9.23 vanilla-4.9 + genpatches-4.9-23 + grsecurity-3.1-4.9.23-201704181901 Package-Manager: Portage-2.3.3, Repoman-2.3.1 sys-kernel/hardened-sources/Manifest | 1 + .../hardened-sources-4.9.23.ebuild | 45 ++++++++++++++++++++++ 2 files changed, 46 insertions(+) diff --git a/sys-kernel/hardened-sources/Manifest b/sys-kernel/hardened-sources/Manifest index ea8155bf280..ab3c766183b 100644 --- a/sys-kernel/hardened-sources/Manifest +++ b/sys-kernel/hardened-sources/Manifest @@ -18,6 +18,7 @@ DIST hardened-patches-4.7.6-1.extras.tar.bz2 1913657 SHA256 f32b7891fa0a821a6027 DIST hardened-patches-4.8.17-3.extras.tar.bz2 1932803 SHA256 7ff535912635b5ae83d793dcadb30f2ebab85abffb05d73f73af3a0262f5b170 SHA512 f9521c5f0df2ab5989f5fd5929b3f69620d519d92583601f52bf4c2871330008c9e2f19cee3538a2c4945bc22d0ddb8478a9fb332de64dbd611904749d046e82 WHIRLPOOL 1f0ff531b479db743eb0d806d35b770c405868082a249c7d41579649dd924c25d41bd1781bc0fe827a6d06447e0fe88dc630992f2be977f50138f741e707b542 DIST hardened-patches-4.9.21-1.extras.tar.bz2 1965869 SHA256 5ece74a315131b2e3935838428bfefb9b4aeca320e50b58c79bd2c2b1d218387 SHA512 0184dcd1d68c3b0ab8a3c3f385530bf726a9d2647399d72d2eaadfb0cd8c61284b0c3a007c2cfe704b1fd20fff080736bea4850729530c55eb0135624ae47cf4 WHIRLPOOL d5596a493edc166830e22434df82d0dedc822ba9af54737baa8b81259594c2db461ce0085eb5af563c0d6b98e2620bd59bc90bb48453bae644da7b2ab33fed81 DIST hardened-patches-4.9.22-1.extras.tar.bz2 1923399 SHA256 9f741347f0aa663f2a720ea2c288277bad997e081b196d6d98eda56db07132ea SHA512 7780742a1cc8af175ca9741dcf505400e1a387c1e5ede803f1741ecc88a487404328b6bc87f48c0fd45cc609c0dadc2e47a6770a32589ac6c295fca9c36fe9bd WHIRLPOOL 0dce47508b7b6e581e265459668659d85347ca0300decb4d8057d0c09437cda7e86bca69addd736d64c83b0fe4f6b0d5a3be1026558a716cfb3c8eb76657bdfd +DIST hardened-patches-4.9.23-1.extras.tar.bz2 1937895 SHA256 b230f16be80827139c7b682f3657dcb9f46de490f3b6bd3935a389ac3e232382 SHA512 2fb86e5aea04ec23b54bd29ec0e11bd2ce1f82a216fab0d7989999c519fba63cb6d92d7fbdef9f4acdf5f3fb0ba6e91890eb2aaea83e9c0afa9f8226f4ce956d WHIRLPOOL 127b075883c4607b4c943ccf9abfd762bab04c4fbcc7f64251d68af71a3baad7a58d80b3a63177bc2d82f55b961e21e80690e6209e1a9fa4f505bc10b28e3c82 DIST linux-4.4.tar.xz 87295988 SHA256 401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2 SHA512 13c8459933a8b80608e226a1398e3d1848352ace84bcfb7e6a4a33cb230bbe1ab719d4b58e067283df91ce5311be6d2d595fc8c19e2ae6ecc652499415614b3e WHIRLPOOL 02abc203d867404b9934aaa4c1e5b5dcbb0b0021e91a03f3a7e7fd224eed106821d8b4949f32a590536db150e5a88c16fcde88538777a26d0c17900f0257b1bc DIST linux-4.7.tar.xz 90412100 SHA256 5190c3d1209aeda04168145bf50569dc0984f80467159b1dc50ad731e3285f10 SHA512 e8c02583e17e4fc4214fef694825fcb78c898266f1624deb1cdf56ab5c5fdfa669c5221122a7cf0d502ed6f921ff3797634acd9d294d29e98e3faa8a21920185 WHIRLPOOL e968c89ce714c8d918db6074dabac4b0200c57ff111260313cf5798eeefb8b5b10c1509b64e2ee611a78e81075c588a473b67f9802609b2fef9ebb87ae514d98 DIST linux-4.8.tar.xz 91966856 SHA256 3e9150065f193d3d94bcf46a1fe9f033c7ef7122ab71d75a7fb5a2f0c9a7e11a SHA512 a48a065f21e1c7c4de4cf8ca47b8b8d9a70f86b64e7cfa6e01be490f78895745b9c8790734b1d22182cf1f930fb87eaaa84e62ec8cc1f64ac4be9b949e7c0358 WHIRLPOOL 3888c8c07db0c069f827245d4d7306087f78f7d03e8240eb1fcd13622cd5dbe1c17cd8ed7dc11513f77f3efd5dbd84e2b48e82bdb9b9bfd2242fd62ae32812d5 diff --git a/sys-kernel/hardened-sources/hardened-sources-4.9.23.ebuild b/sys-kernel/hardened-sources/hardened-sources-4.9.23.ebuild new file mode 100644 index 00000000000..e3165fb80c7 --- /dev/null +++ b/sys-kernel/hardened-sources/hardened-sources-4.9.23.ebuild @@ -0,0 +1,45 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +ETYPE="sources" +K_WANT_GENPATCHES="base" +K_GENPATCHES_VER="23" +K_DEBLOB_AVAILABLE="1" + +inherit kernel-2 +detect_version + +HGPV="${KV_MAJOR}.${KV_MINOR}.${KV_PATCH}-1" +HGPV_URI="http://dev.gentoo.org/~blueness/hardened-sources/hardened-patches/hardened-patches-${HGPV}.extras.tar.bz2" +SRC_URI="${KERNEL_URI} ${HGPV_URI} ${GENPATCHES_URI} ${ARCH_URI}" + +UNIPATCH_LIST="${DISTDIR}/hardened-patches-${HGPV}.extras.tar.bz2" +UNIPATCH_EXCLUDE=" + 1500_XATTR_USER_PREFIX.patch + 1520_CVE-2017-6074-dccp-skb-freeing-fix.patch + 2900_dev-root-proc-mount-fix.patch" + +DESCRIPTION="Hardened kernel sources (kernel series ${KV_MAJOR}.${KV_MINOR})" +HOMEPAGE="http://www.gentoo.org/proj/en/hardened/" +IUSE="deblob" + +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86" + +RDEPEND=">=sys-devel/gcc-4.5" + +pkg_postinst() { + kernel-2_pkg_postinst + + local GRADM_COMPAT="sys-apps/gradm-3.1*" + + ewarn + ewarn "Users of grsecurity's RBAC system must ensure they are using" + ewarn "${GRADM_COMPAT}, which is compatible with ${PF}." + ewarn "It is strongly recommended that the following command is issued" + ewarn "prior to booting a ${PF} kernel for the first time:" + ewarn + ewarn "emerge -na =${GRADM_COMPAT}" + ewarn +}