[grsec] grsecurity 2.1.11 released for Linux 2.4.36.2/2.6.24.4

Heiko Zuerker heiko at zuerker.org
Tue Apr 15 10:09:44 EDT 2008


Quoting Brad Spengler <spender at grsecurity.net>:
> Due to Linux kernel developers continuing to silently fix exploitable
> bugs (in particular, trivially exploitable NULL ptr dereference bugs
> continue to be fixed without any mention of their security implications)
> we continue to suggest that the 2.6 kernels be avoided if possible.
>
> It is not clear if the PaX Team will be able to continue supporting
> future versions of the 2.6 kernels, given their rapid rate of release
> and the incredible amount of work that goes into porting such a
> low-level enhancement to the kernel (especially now in view of the
> reworking of the i386/x86-64 trees). It may be necessary that grsecurity
> instead track the Ubuntu LTS kernel so that users can have a stable
> kernel with up-to-date security fixes. I will update this page when a
> final decision has been reached.
>
> In the meantime, please email pageexec at freemail.hu and let him know how
> much you appreciate the hard work he has put in for the past 8 years.
> The accomplishments of the PaX Team have extended far beyond just Linux,
> and have today found their way into all mainstream operating systems.

We all certainly do appreciate all the work you're putting into  
grsecurity and pax. It helps us achieve a level of security which  
wouldn't be possible otherwise.

It's going to be a problem for distros like Devil-Linux, if you use a  
kernel from a mainstream distro as the base for your patches. We're  
compiling everything from vanilla sources and certainly are not  
willing to use a bloated kernel from a mainstream distro as our base.

We all understand the huge amount of work which goes into opensource projects.
We'll accept whatever you decide.

-- 

Regards
   Heiko Zuerker
   http://www.devil-linux.org




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.



More information about the grsecurity mailing list