A small update about kernel security. As you may know, we no longer release GLSAs about kernel vulnerabilities and are in the process of changing kernel vulnerabilities information to a more live information system.
In the meantime, we'll post information about serious fixed vulnerabilities on this list, so that you are informed of the safe kernels you can use. As of today only 4 Portage-provided kernel sources are free of serious kernel vulnerabilities (serious being remote root, remote DoS or local root) : - gentoo-dev-sources [2.6] - grsec-sources [2.4] - hardened-dev-sources [2.6] - hardened-sources [2.4] Use of the latest version of one of these sources is highly recommended in any security-sensitive setting. Several others should be fixed soon, as they are currently only vulnerable to one serious vulnerability (the i386 SMP page fault handler privilege escalation, bug 77666) : - gentoo-sources - ac-sources - ck-sources - sparc-sources - uclinux-sources - usermode-sources - win4lin-sources - wolk-sources - xbox-sources -- Koon
signature.asc
Description: OpenPGP digital signature
