-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2018-e90a380dbe 2018-05-11 01:35:54.192323 --------------------------------------------------------------------------------
Name : spectre-meltdown-checker Product : Fedora EPEL 6 Version : 0.37 Release : 1.el6 URL : https://github.com/speed47/spectre-meltdown-checker Summary : Spectre & Meltdown vulnerability/mitigation checker for Linux Description : Spectre & Meltdown vulnerability/mitigation checker for Linux.
-------------------------------------------------------------------------------- Update Information:
Update to 0.37 * Feature: add a detailed explanation of "what to do" when system if found vulnerable against one of the vulnerabilities (skip with `--no- explain`) * Feature: rework output for IBRS/IBPB check and better detection for newer kernels (IBRS_FW, IBPB without IBRS, ...) * Feature: check for Red Hat 7/CentOS 7 specific `retp_enabled` knob in sysfs * Feature: detect arm64 Spectre Variant 1, Spectre Variant 2 and Meltdown (Variant 3) mitigations * Feature: add detection of AMD-specific STIBP, STIBP-always-on, IBRS, IBRS-always-on and IBRS- preferred CPUID feature flags * Feature: when `ibpb_enabled=2` (Red Hat), warn if SMT is not disabled * Feature: detect whether the kernel supports RSB filling (important for Skylake+) * Feature: add `--paranoid` to make IBPB required in addition to retpoline for Variant 2 * Refactor: don't test AMD-specific flags on Intel and Intel-specific flags on AMD for clarity * Fix: when PTI activation is unknown, don't say we're vulnerable * Fix: don't hide microcode information for AMD CPUs * Misc: other minor fixes and enhancements --------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use su -c 'yum update spectre-meltdown-checker' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
epel-package-announce@lists.fedoraproject.org