Re: Question on CVE-2017-5754 on Debian 8.9

[Michael Fothergill <michael.fothergill@gmail.com>]

The neowin link above has a link to a Phoronix article[1], which
suggests you need GCC 8.0, or maybe 7.3 if a backport succeeds. That was
9 days ago, of course ... Stretch only has 6.3, and even sid only has
7.2, so I don't see it hitting debian soon.

Richard

[1]
https://www.phoronix.com/scan.php?page=news_item&px=Linux-4.9-4.14-Retpoline

​Some new patches are coming soon:

https://www.phoronix.com/scan.php?page=news_item&px=Spectre-Variant-One-Linux-4.16

​https://www.phoronix.com/scan.php?page=news_item&px=LLVM-Retpoline-Added

I have posted a query on the gentoo forum asking if I have a recent enough version of gcc etc for the retpoline.

There is a test program you can install and run and it will tell you if both the meltdown and spectre patched are installed which I will try out.

Looks like your all going to have to run the latest kernels....(J)

Regards

MF