From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OwOii-0000Xv-DK for garchives@archives.gentoo.org; Fri, 17 Sep 2010 00:22:28 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7D63EE0934; Fri, 17 Sep 2010 00:21:42 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 5298AE0934 for ; Fri, 17 Sep 2010 00:21:42 +0000 (UTC) Received: from [192.168.3.7] (cpe-74-77-194-18.buffalo.res.rr.com [74.77.194.18]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPSA id AFD3B1B401C for ; Fri, 17 Sep 2010 00:21:41 +0000 (UTC) Message-ID: <4C92B492.8010008@gentoo.org> Date: Thu, 16 Sep 2010 20:21:38 -0400 From: "Anthony G. Basile" User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.9) Gecko/20100912 Lightning/1.0b3pre Lanikai/3.1.3 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 To: gentoo-hardened@lists.gentoo.org Subject: Re: [gentoo-hardened] Re: Security notice regarding hardened-sources References: <4C9288E2.5010709@gentoo.org> <4C929E8E.2030309@gmail.com> In-Reply-To: <4C929E8E.2030309@gmail.com> X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: af654575-1bed-462c-b280-c1b128895a4c X-Archives-Hash: e940eba6b111cb03a4a154e9be5089fa -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/16/2010 06:47 PM, 7v5w7go9ub0o wrote: > On 09/16/10 17:15, Anthony G. Basile wrote: > [] > >> >> >> As a result, certain configurations of hardened-sources are also >> vulnerable. As a work around until I get the fix into the tree and >> fast track stabilization, keep the following in mind: > > [] > > Thank you for this note, Anthony! > > 1. Will hardened-sources be distributed via the tree, or via an overlay? > (IIRC, I got 2.6.34-r5 via the overlay, then it disappeared) > > 2. Same question about gcc; will hardened gcc come to us via an overlay? > (I see an update to 4.4.4-r2; IIRC I got 4.4.4-r1 via overlay). > > TIA > The overlay should not be used for anything anymore. Its around only for reference. (Zorry and I may want to look back at stuff we did.) In about a day or so you should see hardened-sources-2.6.32-r18.ebuild and hardened-sources-2.6.34-r6.ebuild appear in portage. Use one of those two. - -- Anthony G. Basile, Ph.D. Gentoo Developer -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkyStJIACgkQl5yvQNBFVTUnnACgg1lYVsSGM2k5SG6VSBeJTPOI hhIAn0WTyGjbplsXD3JavTuBP6Xf2N5D =08GV -----END PGP SIGNATURE-----