I have built all the source code releases from upstream for RHEL-6 regarding meltdown /spectre and released those into packages into the CentOS Linux 6.9 updates repository. As to whether or not either Arch (x86_64 or i386) is or is not vulnerable, the CentOS team does not test for or make claims concerning security fitness. What we do build the source code that is released upstream. Users must test for (and validate) the security fitness of CentOS Linux for their own usage profiles. If you require fully tested solutions with software assurance and validated security, that is what RHEL is for, right? You can read more about those issues here: https://access.redhat.com/security/vulnerabilities/speculativeexecution Thanks, Johnny Hughes On 03/06/2018 04:35 PM, Peter Wood wrote: > I have a clean install, fully updated CentOS 6 32-bit. > > When I run the Red Hat detection script: > https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh > > it finds that the system is vulnerable. > > Is this false positive or there is no patches for CentOS 6 32-bit systems? > > Thank you, > > -- Peter > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20180309/89765478/attachment-0005.sig>