Gentoo | Hardened

Gentoo | Hardened Mailing List Archive by Gossamer Threads http://www.gossamer-threads.com/lists/gentoo/hardened/ en-us (c) Gossamer Threads Inc. All rights reserved. 13 Feb 2012 03:57:52 -0800 120 Gossamer Threads | Gentoo | Hardened 75 23 http://www.gossamer-threads.com/lists/gentoo/hardened/ http://www.gossamer-threads.com/images/lists/rss_logo.jpg Re: [gentoo-dev] profiles/features/64bit-native/package.use.mask contents redundancy [. CCed gentoo-hardened@lists.gentoo.org to warn against possible breakage. Touching profiles make me nervous. TS: http://archives.gentoo.org/ge 11 Feb 2012 10:48:48 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/247694 gcc 4.5.3 doesn't build on x86 hardened profile Howdy folks, I recently tried to recompile some packages and I discovered that GCC 4.5.3, the current default version in the hardened profile will no 05 Feb 2012 19:28:48 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/247454 New sudo format string vuln Not sure how much testing anyone else has done (and it warrants more testing), but I just tested this on a rather out-of-date machine running hardened 31 Jan 2012 07:12:06 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/247209 SELinux base policy rev 12 in hardened-dev Hi guys, A small update to the SELinux policies in our favorite distribution. This one pulls in the following changes: bug #399113: Be able to di 29 Jan 2012 09:10:36 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/247053 Missmatch in digests Hello, I've just made sync, and I got following errors during calulacting updates: * /usr/portage/sec-policy/selinux-base-policy/selinux-base-policy 29 Jan 2012 05:38:12 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/247037 Re: Please test hardened-sources 2.6.32-r88 and3.2.2 Dnia 27 stycznia 2012 17:06 "Tóth Attila" <atoth@atoth.sote.hu> napisał(a): > And this one is from my laptop: > vmalloc: allocation failure: 0 byte 27 Jan 2012 09:38:07 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/246890 Please test hardened-sources 2.6.32-r88 and 3.2.2 Hi everyone, I just added hardened-sources 2.6.32-r88 and 3.2.2 to the tree. They address CVE-2012-0056. I've tested and they do indeed resist the 27 Jan 2012 05:37:58 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/246864 Security Level: high/server/workstation/virtualization Hi! If you ever wonder how exactly differs predefined security levels, you'll find this information here. :) I've compared them, plus I did some benc 27 Jan 2012 05:26:26 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/246863 openrc-0.9.8.2 screwed up bonding config I'm sorry for being offtopic, but this is the list I can rely on. I've just upgraded openrc from 0.9.4 to 0.9.8.2 and my server went offline. After st 25 Jan 2012 17:15:32 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/246771 Interesting: CVE-2012-0056 Please take a look at on this exploit: http://blog.zx2c4.com/749 It is interesting to think about /proc/pid/mem protection and about building su with 23 Jan 2012 15:49:19 -0800 http://www.gossamer-threads.com/lists/gentoo/hardened/246715