Update SecureDrop kernels to 4.4.181+ #4520
Comments
|
So does that put xenial and the 4.14.x series further afield? |
|
Based on the information provided by the Linux kernel release page [0], 4.4 kernel series will be supported until 2022, whereas 4.14 kernel series will only be supported until Jan 2020. While the security improvements of a more modern kernel (provided by 4.14 series) would definitely be welcome, it may be more prudent to wait for the stable4 series of patches, where upstream support will likely be longer than 6 months. If, at some point, the support window for 4.14 shifts further into the future, we should definitely reconsider. |
|
As for Xenial, that transition was completed, and Ubuntu 16.04 is the only supported server OS version since SD 0.13.0. |
|
Tested 4.4.182-grsec kernel, built by @emkll, against supported hardware - all boot and have comparable paxtest results to current 4.4.177-grsec kernels. |
SecureDrop instances are currently running 4.4.177 grsecurity-patched kernels.
To benefit from the most recent round of security improvements, we should update to the latest grsecurity kernel version in the 4.4 series (as of this writing: 4.4.181).
The text was updated successfully, but these errors were encountered: