grsecurity 2.0.1 has been released for Linux 2.4.27 and 2.6.7. gradm has 
been updated to 2.0.1 for this release. This release includes PaX 
updates, proper locking that resolves NULL pointer oopses that some were 
experiencing, role de-authentication no longer requires a password, role 
name and subject name are displayed with every log if the RBAC system is 
enabled, the random TCP source ports feature won't fail before all ports 
are used, IP-based role support has been added to special roles, 
capability inheritance is fixed, the regular expression matching code 
for RBAC objects has been enhanced to support expected results of 
filename matching better and also handles [a-Z] style matching, stack 
usage has been reduced, kernel memory usage has been reduced, domain 
support has been added which allows you to group separate user roles 
together in the RBAC system, fixed XFS sleep-on-locking errors in 2.6, 
and automatic exploit bruteforcing deterrence, which delays an attack in 
services like apache where a parent forks off several children all 
sharing the same randomized address space layout and the attacker 
attempts to bruteforce the children by exhausting every possible 
randomized address. This release also fixes an important security issue 
discovered by stealth which allowed an attacker to kill protected 
processes in the RBAC system through a system call added recently to 
Linux. The chroot restrictions were unaffected by the addition of the 
system call. Some naming conventions were also changed, so 
/etc/grsec/acl has become /etc/grsec/policy. gradm will automatically 
move the file for you. gradm also supports directory including again, 
and several bugs have been fixed.
If you're going to use 2.6.7, please also apply fixes for the numerous 
security bugs present in that kernel. Due to significant changes in the 
"stable" 2.6 tree that break much of PaX, a 2.6.8 patch may not be 
coming soon.

Grsecurity has recently enlisted the help of former developer Michael 
Dalton who will be focusing on userland changes. These changes will be 
made initially for the Debian distribution and can be obtained by adding 
the following lines to your /etc/apt/sources.list:
deb http://grsecurity.net/debian/ unstable main
deb-src http://grsecurity.net/debian/ unstable main

As of this writing, glibc 2.3.2 packages for i386 and sparc(64) are 
available that include Stefan Esser's unlink sanity check and remove 
LD_DEBUG for suid apps to prevent leaking of randomization information. 
We will be moving to a new server shortly that will have more space for 
these packages.

Thanks to my sponsors and everyone who has donated for making this possible.
Enjoy

-Brad