I have built all the source code releases from upstream for RHEL-6 regarding meltdown /spectre and released those into packages into the CentOS Linux 6.9 updates repository.
As to whether or not either Arch (x86_64 or i386) is or is not vulnerable, the CentOS team does not test for or make claims concerning security fitness. What we do build the source code that is released upstream.
Users must test for (and validate) the security fitness of CentOS Linux for their own usage profiles. If you require fully tested solutions with software assurance and validated security, that is what RHEL is for, right?
You can read more about those issues here: https://access.redhat.com/security/vulnerabilities/speculativeexecution
Thanks, Johnny Hughes
On 03/06/2018 04:35 PM, Peter Wood wrote:
I have a clean install, fully updated CentOS 6 32-bit.
When I run the Red Hat detection script: https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh
it finds that the system is vulnerable.
Is this false positive or there is no patches for CentOS 6 32-bit systems?
Thank you,
-- Peter _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos