Hi Johnny,
Thank you for your reply.
It seems to me that my message may have came around as offensive but that was not my intend. I have basic understanding how things work and when I said CentOS I actually meant Red Hat and all its derivatives. I asked CentOS community because that's the community I'm member of. Not to say that CentOS is not secure or anything like that.
Anyway, I'm stuck with a few 32bit systems exposed to customers and I have to come up with an answer to their question about meltdown/spectre. At this point all I can say is that Red Hat hasn't patched 32bit systems but that is hard to believe so I assumed that I'm wrong and decided to ask the community.
Thank you,
-- Peter
On Fri, Mar 9, 2018 at 7:52 AM, Johnny Hughes johnny@centos.org wrote:
I have built all the source code releases from upstream for RHEL-6 regarding meltdown /spectre and released those into packages into the CentOS Linux 6.9 updates repository.
As to whether or not either Arch (x86_64 or i386) is or is not vulnerable, the CentOS team does not test for or make claims concerning security fitness. What we do build the source code that is released upstream.
Users must test for (and validate) the security fitness of CentOS Linux for their own usage profiles. If you require fully tested solutions with software assurance and validated security, that is what RHEL is for, right?
You can read more about those issues here: https://access.redhat.com/security/vulnerabilities/speculativeexecution
Thanks, Johnny Hughes
On 03/06/2018 04:35 PM, Peter Wood wrote:
I have a clean install, fully updated CentOS 6 32-bit.
When I run the Red Hat detection script: https://access.redhat.com/sites/default/files/spectre-
meltdown--a79614b.sh
it finds that the system is vulnerable.
Is this false positive or there is no patches for CentOS 6 32-bit
systems?
Thank you,
-- Peter _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos