similar to: Effect Patches applied for Meltdown/Spectre Issues

I have built all the source code releases from upstream for RHEL-6 regarding meltdown /spectre and released those into packages into the CentOS Linux 6.9 updates repository. As to whether or not either Arch (x86_64 or i386) is or is not vulnerable, the CentOS team does not test for or make claims concerning security fitness. What we do build the source code that is released upstream. Users must

On Fri, Mar 9, 2018 at 10:46 AM, Peter Wood <peterwood.sd at gmail.com> wrote: > Anyway, I'm stuck with a few 32bit systems exposed to customers and I have > to come up with an answer to their question about meltdown/spectre. At this > point all I can say is that Red Hat hasn't patched 32bit systems but that > is hard to believe so I assumed that I'm wrong and

Awesome. Thank you. Embarrassing but I can't find the Q&A page with this question. Can you please post a link to it. Thanks, -- Peter On Fri, Mar 9, 2018 at 11:16 AM, Akemi Yagi <amyagi at gmail.com> wrote: > On Fri, Mar 9, 2018 at 10:46 AM, Peter Wood <peterwood.sd at gmail.com> > wrote: > > > Anyway, I'm stuck with a few 32bit systems exposed to

By now, we're sure most everyone have heard of the Meltdown and Spectre attacks. If not, head over to https://meltdownattack.com/ and get an overview. Additional technical details are available from Google Project Zero. https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html The FreeBSD Security Team was notified of the issue in late December and received a

By now, we're sure most everyone have heard of the Meltdown and Spectre attacks. If not, head over to https://meltdownattack.com/ and get an overview. Additional technical details are available from Google Project Zero. https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html The FreeBSD Security Team was notified of the issue in late December and received a

Hi Johnny, Thank you for your reply. It seems to me that my message may have came around as offensive but that was not my intend. I have basic understanding how things work and when I said CentOS I actually meant Red Hat and all its derivatives. I asked CentOS community because that's the community I'm member of. Not to say that CentOS is not secure or anything like that. Anyway,

What are the patches that I can download and install to be protected against the Meltdown and Spectre security vulnerabilities? ===BEGIN SIGNATURE=== Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017 [1] https://tdtemcerts.wordpress.com/ [2] http://tdtemcerts.blogspot.sg/ [3] https://www.scribd.com/user/270125049/Teo-En-Ming ===END SIGNATURE===

Hi, Depends on your centos release; 6 or 7 ? The most recent kernel are patched; have a look at the release notes, e.g. https://www.redhat.com/archives/rhsa-announce/2018-January/msg00080.html <https://www.redhat.com/archives/rhsa-announce/2018-January/msg00080.html> https://access.redhat.com/errata/RHSA-2018:0008 <https://access.redhat.com/errata/RHSA-2018:0008> Regards . G?tz

I have a clean install, fully updated CentOS 6 32-bit. When I run the Red Hat detection script: https://access.redhat.com/sites/default/files/spectre-meltdown--a79614b.sh it finds that the system is vulnerable. Is this false positive or there is no patches for CentOS 6 32-bit systems? Thank you, -- Peter

Does anyone know if Red Hat are working on backporting improved mitigation techniques and features from newer, 4.14.14+ kernels? $ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Vulnerable /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline

Hi all! I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU. I note that when I run the redhat script to test for spectre & meltdown I get this result for variant 2: Variant #2 (Spectre): Vulnerable CVE-2017-5715 - speculative execution branch target injection - Kernel with mitigation patches: OK - HW support / updated microcode: NO - IBRS: Not disabled on

On 16/03/18 18:24, Fred Smith wrote: > Hi all! > > I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU. > What kernel are you running (uname -r)? > I note that when I run the redhat script to test for spectre & meltdown > I get this result for variant 2: > > Variant #2 (Spectre): Vulnerable > CVE-2017-5715 - speculative execution branch

Sorry, I meant RedHat's Gluster Storage Server 3.2 which is latest and greatest. On Wed, Aug 2, 2017 at 9:28 AM, Kaushal M <kshlmster at gmail.com> wrote: > On Wed, Aug 2, 2017 at 5:07 PM, Mark Connor <markconnor64 at gmail.com> > wrote: > > Can the glusterd daemon be restarted on all storage nodes without causing > > any disruption to data being served or the

On Wed, Aug 2, 2017 at 5:07 PM, Mark Connor <markconnor64 at gmail.com> wrote: > Can the glusterd daemon be restarted on all storage nodes without causing > any disruption to data being served or the cluster in general? I am running > gluster 3.2 using distributed replica 2 volumes with fuse clients. Yes, in general. Any clients already connected will still continue to work. What

Can the glusterd daemon be restarted on all storage nodes without causing any disruption to data being served or the cluster in general? I am running gluster 3.2 using distributed replica 2 volumes with fuse clients. Regards, Mark -------------- next part -------------- An HTML attachment was scrubbed... URL:

No. After bringing up one brick and before stopping the next one, you need to be sure that there are no damaged files. You shouldn't reboot a node if "gluster volume heal <volname> info" shows damaged files. What happens in this case then? I'm thinking about a situation where the servers are kept in an environment that we don't control - i.e. the cloud. If the VMs are

On 6 February 2018 at 20:09, David Newall <openssh at davidnewall.com> wrote: > Do we need to do anything? It's not clear to me how SSH is vulnerable to > Spectre -- that is, how SSH can be used to execute a Spectre attack? I am more concerned with it being the target of a Spectre style attack. There's some long lived private data (host keys in the case of sshd, session keys

> >>> Does some one have problems related to KVM with > >>> kernel-2.6.32-754.3.5.el6.x86_64 ?? > >> > >> Yes, the exact same thing happened here, and I suspect it is related to > >> older cpus that don't get any Spectre/Meltdown updates. > > > > > > Thanks for the feedback. I' was assuming that some kind of > >

On Tue, Mar 20, 2018 at 5:26 AM, Victor T <hero_of_nothing_1 at hotmail.com> wrote: > That makes sense. In the case of "file damage," it would show up as files > that could not be healed in logfiles or gluster volume heal [volume] info? > If the damage affects more bricks than the volume redundancy, then probably yes. These files or directories will appear in

On 01/19/2018 06:17 AM, Pasi K?rkk?inen wrote: > On Thu, Jan 18, 2018 at 11:48:35AM -0600, Kevin Stange wrote: >> Hi, >> > > Hi, > >> I am very sorry to do this on short notice, but obviously Meltdown and >> Spectre are a lot more than anyone was really expecting to come down the >> pipeline. Xen 4.4 has been EOL upstream for about a year now and I