From: Ned Ludd <solar@gentoo.org>
To: gentoo-kernel@lists.gentoo.org
Subject: Re: [gentoo-kernel] [ANNOUNCE] hardened-patches-2.6.17-1 Released
Date: Wed, 16 Aug 2006 16:43:08 -0400 [thread overview]
Message-ID: <1155760989.24186.8.camel@localhost> (raw)
In-Reply-To: <200608162155.37882.phreak@gentoo.org>
On Wed, 2006-08-16 at 21:55 +0200, Christian Heim wrote:
> On Wednesday 16 August 2006 21:08, Christian Heim wrote:
> > This is an automated email to say that hardened-patches-2.6.17-1
> > has just been released.
> >
> > You can find a shortlog, broken out patches and release tarballs at:
> > http://dev.gentoo.org/~phreak/
>
> Hrm, seems like the script needs some work ... that should have been:
> > You can find a shortlog, broken out patches and release tarballs at:
> > http://dev.gentoo.org/~phreak/hardened-sources/
>
> >
> > Changes since 2.6.17- are as follows:
> Changes since 2.6.16-8 are as follows:
>
> r597 (phreak):
> M /hardened/2.6/.release
>
> Updating the .release file
>
> r592 (phreak):
> A /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17-2006080121035.patch
> D /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-2006080121035.patch
>
> Dropping the EXTRAVERSION from the patchname.
>
> r591 (phreak):
> M /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-200608012135.patch
>
> Hrm, missed a '0' after renaming the patch.
>
> r590 (phreak):
> M /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-200608012135.patch
>
> Updating the headers
>
> r581 (phreak):
> M /hardened/2.6/trunk/2.6.17/4450_grsec-2.1.9-2.6.17.7-200608012135.patch
>
> Removing the localversion-grsec for real!
>
> r580 (phreak):
> M /hardened/2.6/trunk/2.6.17/4455_linux-2.6.16-reslog.patch
Just talked with spender and he already pushed this patch
but in a slightly diff way.
notice in hunk #3
int grsec_resource_logging;
int grsec_lock;
+int grsec_resource_logging;
The addition of this patch adds the symbol a second time.
And in hunk #4 we would end up with 2 sysctl entries.
#ifdef CONFIG_GRKERNSEC_RESLOG
grsec_resource_logging = 1;
#endif
+#ifdef CONFIG_GRKERNSEC_RELOG
+ grsec_resource_logging = 1;
+#endif
So... This extra patch can simply be dropped.
The systrace stuff can also be dropped as it's known to
open holes where no holes existed before.
--
Ned Ludd <solar@gentoo.org>
Gentoo Linux
--
gentoo-kernel@gentoo.org mailing list
prev parent reply other threads:[~2006-08-16 20:44 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-08-16 19:08 [gentoo-kernel] [ANNOUNCE] hardened-patches-2.6.17-1 Released Christian Heim
2006-08-16 19:55 ` Christian Heim
2006-08-16 20:34 ` Ned Ludd
2006-08-16 20:43 ` Ned Ludd [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1155760989.24186.8.camel@localhost \
--to=solar@gentoo.org \
--cc=gentoo-kernel@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox