[CentOS] CentOS 6 i386 - meltdown and spectre

Fri Mar 9 15:52:38 UTC 2018
Johnny Hughes <johnny at centos.org>

I have built all the source code releases from upstream for RHEL-6
regarding meltdown /spectre and released those into packages into the
CentOS Linux 6.9 updates repository.

As to whether or not either Arch (x86_64 or i386) is or is not
vulnerable, the CentOS team does not test for or make claims concerning
security fitness.  What we do build the source code that is released
upstream.

Users must test for (and validate) the security fitness of CentOS Linux
for their own usage profiles.  If you require fully tested solutions
with software assurance and validated security, that is what RHEL is
for, right?


You can read more about those issues here:
https://access.redhat.com/security/vulnerabilities/speculativeexecution

Thanks,
Johnny Hughes


On 03/06/2018 04:35 PM, Peter Wood wrote:
> I have a clean install, fully updated CentOS 6 32-bit.
> 
> When I run the Red Hat detection script:
> https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh
> 
> it finds that the system is vulnerable.
> 
> Is this false positive or there is no patches for CentOS 6 32-bit systems?
> 
> Thank you,
> 
> -- Peter
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20180309/89765478/attachment-0005.sig>