This release switches the toolchain to Gentoo's hardened-dev overlay which includes all of the hardening features of the previous release in the compiler specs rather than in make.conf. The current toolchain is comprised of binutils-2.18-r3, glibc-2.9_p20081201-r4, and gcc-4.4.1-r2. The kernel was held at the same version as the previous release.


This release deepens the hardening of the binaries from the previous release with little changes to the kernel. The toolchain, composed of binutils-2-18, glibc-2.9 and gcc-4.3.3 was used to compile the system from scratch with the following features:


This release is a complete rebuild from scratch using glibc-2.8 and gcc-4.3.3 with stack-protection and other hardening from upstream. Important updated packages include:

  • coreutils-7.1
  • util-linux-2.14.2
  • gnupg-2.0.11
  • xorg-server-1.5.3-r5 and associated x11-drivers
  • ffmpeg-0.5-r1, gstreamer-0.10.22 and associated libraries and plugins
  • portage-


This release addresses many important updates from upstream, particularly:

  • hardened-sources-2.6.28-r7
  • openssl-0.9.8k
  • openssh-5.2_p1-r1
  • glibc-2.8_p20080602-r1
  • gnupg-2.0.10
  • gnome-2.24.1

Approximately 130 other packages were also upgraded. The full lists can be seen here: amd64 and i686.

Password hashing was switched form MD5 to SHA512 with the new glibc.


This is primarily a maintenance release addressing approximately 90 updates and syncing upstream with hardened Gentoo. Some minor bugfixes to the desktop were made. You can read the full list of updates for amd64 and i686.