[grsec] grsecurity 2.1.10 released for Linux 2.4.34/2.6.19.2
harry
rik.bobbaers at cc.kuleuven.be
Mon Jan 15 13:22:33 EST 2007
in the latest patch:
- min_t(unsigned long, KERNEL_PGD_PTRS, USER_PGD_PTRS));
+ min(unsigned long, KERNEL_PGD_PTRS, USER_PGD_PTRS));
for ./arch/i386/kernel/smpboot.c
this should be:
min(KERNEL_PGD_PTRS, USER_PGD_PTRS)); => the extra bracket is for...
hell, read the patch ;))
right? because min only takes 2 args
or it shouldn't be changed at all, that's a possibility too :)
right now, i get a compiler error on that one...
Brad Spengler wrote:
> grsecurity 2.1.10 was released today for Linux 2.4.34 and 2.6.19.2.
> Changes in this release include:
>
> * Fixes to PaX flag support in RBAC system
> * PaX updates for non-x86 architectures in 2.4.34 patch
> * Fix for setpgid in chroot problem reported on forums
> * Removal of randomized PIDs feature, since it provides no useful
> additional security and wastes memory with the 2.6 kernel's pid bitmap
> * Fixed /proc usage in a chroot in 2.6 patch
> * Added admin role to generated policy from full learning
>
> The version was incremented due to required gradm changes for the PaX
> flags. This patch corrects the "dropped command" problem reported here
> on the mailing list and the forums. I've also posted an official
> comment on the website regarding the alleged vulnerabilities in
> grsecurity/PaX.
--
harry
aka Rik Bobbaers
K.U.Leuven - LUDIT -=- Tel: +32 485 52 71 50
Rik.Bobbaers at cc.kuleuven.be -=- http://people.linux-vserver.org/~harry
thinking always leads to conclusions... and those can be extremely dangerous
-- me ;)
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
More information about the grsecurity
mailing list