On Wed, 2018-01-10 at 11:13 -0600, Xan Charbonnet wrote: > Hello, > > Is a Meltdown fix for the wheezy-backports kernel (3.16) on the way? > Thanks very much! I'm sorry to tell you that wheezy-backports has not been supported for nearly a year now. This was never widely announced (I can no longer find the announcement) and I think this end-of-life was handled extremely badly by the backports administrators. If you have any systems running untrusted userland on top of a wheezy- backports kernel. you should assume that they have been compromised, as it is vulnerable to several local privilege escalation attacks. If you really need to continue running wheezy userland on top of Linux 3.16, then you have several options: 1. Add jessie sources to APT and use pinning to avoid upgrading anything else. 2. Create a wheezy chroot or container environment on top of a jessie installation. 3. Run wheezy in a VM on top of a jessie installation. Ben. -- Ben Hutchings If you seem to know what you are doing, you'll be given more to do.
Attachment:
signature.asc
Description: This is a digitally signed message part