On Tue, 22 Mar 2016, Yves-Alexis Perez wrote: > On ven., 2016-01-08 at 12:44 -0500, micah anderson wrote: > > Yves-Alexis Perez <corsac@debian.org> writes: > > > > > > > > Hi list, [please keep me on CC: on replies, I'm not subscribed to the > > > list] > > > > > > linux-grsec was recently ACCEPTED [1] in Debian unstable. For the record, > > > it's > > > a src:linux packages patched with the grsecurity [2] patch, hardening the > > > kernel against various threats (memory corruption especially). > > > > > > Current upstream (grsecurity) development model is to follow the latest > > > linux > > > kernel version (there are so-called “stable” patches, which are not > > > available > > > free of charge, so I don't mention them here), which makes it not really > > > suitable for a stable release (also there's the duplication of the Linux > > > sources). > > > > > > But the linux-grsec packages might especially interest people using stable > > > releases (it's really useful on servers, although I'm using it on laptops > > > and > > > desktops just fine), so I'm currently providing those builds myself [3]. > > > I'd > > > like to use a more official repository, so I thought about uploading to > > > jessie-backports. > > > > > > I know the rules about backports (only packages already in testing, suited > > > for > > > the next stable releases), so I know it's an exception I'm asking. I > > > already > > > asked on IRC (#debian-devel, where it wasn't really warmly received :), > > > but > > > was also redirected here, so it gets archived. > > I for one would love this kernel package available in backports! > > > > I asked the release team about their opinion on having linux-grsec appearing > in a stable release. The answer is at [1] but it basically boils down to > “we're not thrilled, and we think something like backports would be better > fitted right now”. > > So, is there something I can do to move forward on this? As I already said, move it to testing. Make sure it won't get into next stable and I am fine with backports for grsec. But I/we don't want packages that are in unstable only. Alex
Attachment:
signature.asc
Description: PGP signature