On Wed, Mar 02, 2016 at 09:01:34PM +0100, Yves-Alexis Perez wrote: > On mer., 2016-03-02 at 20:06 +0100, Moritz Muehlenhoff wrote: > > Before considering that, did anyone approch grsecurity whether we can get > > access to the grsecurity stable patches? We would most definitely have > > Debian > > funds to become grsecurity sponsors to obtain access to stable patches. > > I think that'd be something nice anyway, but… > > > > Whether that's possible/desirable by grsecurity is the question, though: > > Having the stable patches in Debian would make them available to the > > general public (including those sleazy embedded companies which made them > > change their distribution scheme). > > Indeed, I didn't even bother to ask because when you gain access to the stable > patches, you commit yourself to not make them available publicly, which is > obviously exactly what we would do.
It's the release team's call, but IMO unless upstream changes their policy to allow public access to stable patches again, this seems rather like a case for a PPA or possibly backports (but they generally require backports from what is in testing). Cheers, Moritz