On Sun, Mar 04, 2018 at 01:31:04PM -0500, [email protected] wrote: > On Sun, 04 Mar 2018 06:59:46 +0000, [email protected] said: > > It is not secure because it is not fixed for these issues: > > https://meltdownattack.com/ > > Note that saying "The CPU isn't vulnerable to Meltdown/Spectre, therefor > the 4.1 kernel is OK" is *incredibly* wrong. > > For the record, since 4.1 came out, there's been at *least* a dozen security > issues in the Linux kernel that have been a *lot* scarier for security > professionals than the Meltdown/Spectre issue. That only got any news > coverage > because it was an actual hardware design flaw that was believed to be > difficult > to easily fix with software changes...
To be fair, the next 4.1.y release to come out in a few days should have almost all of these issues resolved. So as long as you are keeping your systems up to date, all should be fine. But again, this kernel is going to be end-of-life in a few short weeks, so you had better be moving off of it already, or else you will be in trouble soon. thanks, greg k-h _______________________________________________ Kernelnewbies mailing list [email protected] https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
