On Tue, 2017-07-04 at 08:25 -0400, Jordan Glover wrote: > I wanted to ask you about the future of linux-grsec in debian. The package > wasn't updated for some time and it's now at 4.9.18 version while last > official grsecurity version is 4.9.24. Additionally there are few forward > ports of grsecurity for 4.9 LTS kernel line [1],[2] .
Hi, thanks for the bug report. Right now, my last position on this is still ht tps://www.corsac.net/?rub=blog&post=1587 and I didn't really have time to move forward (how unfortunate that can be). I'm toying with the idea to use Mathias Krause repository ([2] on your mail) but there might be some additional work besides just pulling the patch so I didn't really move forward on this. > > As 4.9 LTS kernel is used in current Debian stable release, something like > linux-unofficial_grsec, based on forward grsec ports for 4.9 kernel would be > a great addition for stable-backports and/or unstable. It could be abandoned > when 4.9 kernel gets EOL status. Hopefully by then mainline linux will get > some security improvements, currently worked on linux-hardened project [2] > and KSPP . Indeed. > > It will be nice to clarify linux-grsec package situation as users now get > stuck in limbo. Honestly, I'm still not clear on that, and I don't have a lot of spare time on this, so any additional work gets in the way. Regards, -- Yves-Alexis
signature.asc
Description: This is a digitally signed message part
