enhaisa at gmail
Mar 25, 2010, 12:44 AM
Post #4 of 4
On Thu, Mar 25, 2010 at 2:16 AM, Brian Davis <bridavis [at] live> wrote:
> I think the question still stands, however, as to why the "main-line"
> hardened-sources are not being updated.
> > From: casta [at] xwing
> > To: gentoo-hardened [at] lists
> > Subject: Re: [gentoo-hardened] Regarding hardened-sources
> > Date: Wed, 24 Mar 2010 20:54:29 +0100
> > CC: mansourmoufid [at] gmail
> > Le Mercredi 24 Mars 2010 20:47:08, Mansour Moufid a Ã©crit :
> > > Hello,
> > >
> > > The latest stable release of grsecurity is for 2.6.32 kernels.
> > > Gentoo's hardened-sources have been stuck at 2.6.28-r9 for a while
> > > now. Is there any particular reason for this?
> > >
> > > Stability is important, but it's also fact that many (most?)
> > > vulnerabilities in Linux are fixed silently as non-security updates in
> > > the latest kernels. The grsecurity/PaX team has been tracking and
> > > backporting these sorts of stealth vulnerability fixes. Therefore,
> > > would it not make more sense for Gentoo Hardened to follow their lead?
> > > Especially considering they will be supporting 2.6.32 on a long term
> > > basis.
> > >
> > > Thanks for your time.
> > >
> > >  <http://grsecurity.net/news.php#stablechosen>
> > Try hardened-development overlay (available via layman)
> > http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-dev.git;a=summary
> > It provides a recent kernel and some toolchain patches
> > --
> > Guillaume Castagnino
> > casta [at] xwing / guillaume [at] castagnino
> The New Busy is not the old busy. Search, chat and e-mail from your inbox. Get
From what I recall from the discussions on Irc there has been several issues
with .32 and .31 was skipped entirely in favour for .32 but the update to
the main-tree should be coming soon according to Anarchy and gang (Was a
while since I spoke to Anarchy tho, but they are doing their best)