On Wed, 2018-05-30 at 11:35 -0400, Antoine Beaupré wrote: > Should we provide updates for the spectre/meltdown v4 in the > intel-microcode package? > > It's non-free, so technically it's not supported even by the security > team, but considering the severity of those vulnerabilities, I guess we > should make an exception? > > A, with his frontdesk hat. As I understand it, the only microcode update published so far is to add features to mitigate Spectre v2 (IBPB, IBRS, Speculation Control). These features need to be actively invoked by system software, and the kernel changes to do so have not been backported to Linux 3.2. So there seems to be little point in doing the microcode update. Ben. -- Ben Hutchings No political challenge can be met by shopping. - George Monbiot
Attachment:
signature.asc
Description: This is a digitally signed message part