Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
-
- Posts: 26
- Joined: 2015/07/14 05:14:32
Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Is there any patches released for the Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715. I just want to update only the patches for the fixes. Can you provide the patch details here pls.
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Here:
https://access.redhat.com/errata/RHSA-2018:0012
https://access.redhat.com/errata/RHSA-2018:0007
https://access.redhat.com/errata/RHSA-2018:0014
Last kernel, linux-firmware and microcode_ctl updates,
https://access.redhat.com/errata/RHSA-2018:0012
https://access.redhat.com/errata/RHSA-2018:0007
https://access.redhat.com/errata/RHSA-2018:0014
Last kernel, linux-firmware and microcode_ctl updates,
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Please don't get into the habit of doing that as it will end up with an unmaintained and badly patched system. The patches we release are only tested with all previous patches applied. Do not cherry pick which things you put on and which you do not.I just want to update only the patches for the fixes.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
-
- Posts: 2019
- Joined: 2015/02/17 15:14:33
- Location: Bulgaria
- Contact:
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Also , keep in mind that kernel live patching won't do the trick for these 2.
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Hi,
on centos 7 server,
when uname -r shows 3.10.0-693.11.6.el7.x86_64,
is it the newest safe kernel version ?
thanks
on centos 7 server,
when uname -r shows 3.10.0-693.11.6.el7.x86_64,
is it the newest safe kernel version ?
thanks
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
yes,mtaa wrote:Hi,
on centos 7 server,
when uname -r shows 3.10.0-693.11.6.el7.x86_64,
is it the newest safe kernel version ?
thanks
- peopleinside
- Posts: 67
- Joined: 2013/11/13 10:41:22
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
The security issue should be fixed by the host and also is suggested to update Centos 7 ?
The fix on Centos 7 has already be released?
Thanks for the help.
The fix on Centos 7 has already be released?
Thanks for the help.
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Hi All,
Is there an official statement/documentation that 3.10.0-693.11.6.el7.x86_64 is NOT VULNERABLE from Meltdown and Spectre?
Is there an official statement/documentation that 3.10.0-693.11.6.el7.x86_64 is NOT VULNERABLE from Meltdown and Spectre?
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Replying to the above two messages: Please read https://access.redhat.com/errata/RHSA-2018:0007 (both tabs) to learn that kernel-3.10.0-693.11.6.el7 fixes these issues. This kernel has already been released for CentOS 7.
Re: Meltdown and spectre security flaws - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Having trouble installing updates, I use a custom repo that rsyncs from uwaterloo mirror. When using yum update it reports there are no available updates, but the package for the new kernel exists. Tried copying the uwaterloo repodata, then recreating my own after that failed. Is this kernel required to use manually installation of rpm?