[PLUG] Meltdown, Spectre and Debian
shirish शिरीष
shirishag75 at gmail.com
Sat Jan 6 14:24:47 IST 2018
at bottom :-
On 06/01/2018, Ritesh Raj Sarraf <rrs at researchut.com> wrote:
> On Fri, 2018-01-05 at 17:32 +0000, shirish शिरीष wrote:
>> The only good thing is that it doesn't increase any remote attack
>> vector than before but it does mean that people should be more
>> circumspect about any software they download at least till the next
>> couple of weeks when kernel updates and cpu-microcodes should take
>> some of the steam off.
>
> I just got the Meltdown fixed kernel. I am glad this got rolled in
> quick.
>
> [SECURITY] [DSA 4078-1] linux security update
>
> --
> Ritesh Raj Sarraf
> RESEARCHUT - http://www.researchut.com
> "Necessity is the mother of invention."
Thank you Ritesh,
https://tracker.debian.org/news/899456
In the hurry I had forgotten to share https://lwn.net/Articles/741878/
. From the news it seems some of those patches have been backported to
4.14.0.2-1
Even wikipedia has now a page for it
https://en.wikipedia.org/wiki/Kernel_page-table_isolation
Also spectre got its own page
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
and interestingly tbb (tor-brrowser) has the
privacy.firstparty.isolate set to true
--
Regards,
Shirish Agarwal शिरीष अग्रवाल
My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8
More information about the plug-mail
mailing list