DevHeads.net

CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

Hello,

will there be updates for these CVEs for CentOS 6?

Thanks,
Walter

Comments

Re: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

By Warren Young at 01/04/2018 - 17:41

On Jan 4, 2018, at 12:18 PM, Walter H. <walter. ... at mathemainzel dot info> wrote:
Red Hat hasn’t released them all yet. Quoting Christopher Robinson in the thread for this here:

<a href="https://access.redhat.com/errata/RHSA-2018:0007" title="https://access.redhat.com/errata/RHSA-2018:0007">https://access.redhat.com/errata/RHSA-2018:0007</a>

"We will be pushing errata out as soon as they have passed our QA team's testing. The more modern versions were easier to backport patches from upstream, and as you progress backwards the fixes change from a backporting exercise into a complete rewrite. We expect all packages for RHEL7 to be available shortly, with RHEL6 following closely behind.”

Robinson’s reply then goes into other ramifications which don’t impact CentOS for one reason or another, except insofar as CentOS’s speed in responding to this is gated in large part by Red Hat’s ability to respond.

Re: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

By Mike McCarthy at 01/07/2018 - 11:11

How about kernel-lt and kernel-ml?

Mike

On 01/04/2018 05:41 PM, Warren Young wrote:

Re: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

By Phil Perry at 01/07/2018 - 14:35

On 07/01/18 16:11, Mike McCarthy, W1NR wrote:
Mike,

If you are referring to kernel-lt and kernel-ml packages offered by
elrepo, may I refer you to this post / thread:

<a href="http://lists.elrepo.org/pipermail/elrepo/2018-January/004031.html" title="http://lists.elrepo.org/pipermail/elrepo/2018-January/004031.html">http://lists.elrepo.org/pipermail/elrepo/2018-January/004031.html</a>

Essentially, kernel-lt and kernel-ml contain all the latest fixes that
are in the equivalent upstream kernel versions.

Further, I'd highly recommend you read Greg Kroah-Hartman's blog posting
(below) summarising the current state of play within the Linux kernel
for Meltdown and Spectre issues:

<a href="http://www.kroah.com/log/blog/2018/01/06/meltdown-status/" title="http://www.kroah.com/log/blog/2018/01/06/meltdown-status/">http://www.kroah.com/log/blog/2018/01/06/meltdown-status/</a>

Re: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

By Johnny Hughes at 01/05/2018 - 09:02

I have released everything for CentOS-6 that has been released upstream
in RHEL source code.

I will continue to do so when they release new sources.

NOTE: We will NOT be releasing anything for CentOS versions before
CentOS-6 (ie, CentOS-2.1, 3.x, 4.x, 5.x releases in vault that are past
EOL will not get updates)

CentOS-6 and CentOS-7 will continue to get updates based on the specific
version of RHEL source code released.
Thanks,
Johnny Hughes

On 01/04/2018 04:41 PM, Warren Young wrote:

Re: CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754

By Noam Bernstein at 01/05/2018 - 09:07

Thanks - do you know if anything else is expected to be released soon for CentOS 6 or 7?

Noam