Security kernel upgrades

Now available in antiX stretch, buster, testing and sid repos are security fixes for the ‘meltdown’, ‘spectre’, ‘Foreshadow’, CVE-2019-8912, Zombieload, “SACK Panic” and BlueZ kernel vulnerabilities. These versions are available.

5.10.27 (64bit and 32 bit pae and non-pae-486)
4.19.184 (64bit and 32 bit pae and non-pae-486)
4.9.0-264 (64 bit and 32 bit pae and non-pae-486)
4.4.0-264 (64 bit and 32 bit pae and non-pae-486)

Those using antiX-17 have these options at the moment.

1. Use the 4.9.0-264.antix.1 kernel (RECOMMENDED)
2. Use the 4.19.184 kernel
3. Use the 5.10.27 kernel
4. Use a patched Debian, MX, siduction kernel
5. Do nothing (not advised).

antiX-16/16.1/16.2 users have these options.

1. Use the 4.4.221.antix.1 kernel (RECOMMENDED)
2. Use the 4.9.91.antix.1 kernel now in jessie repo
3. Use a patched Debian kernel (3.16.0-6)
4. Do nothing (not advised)

antiX-13/13.2/13.2 users have these options.

1. Use a patched Debian kernel (3.2.0-4)
2. Do nothing (not advised)

For more information on ‘spectre’ and ‘meltdown’ have a read of this

spectre_flaws_explained

edited on 21 April 2021 to show latest versions – anticapitalista

“spectre” and “meltdown” – 4.14.11 security kernel upgrades

I’m sure most people have heard about these kernel vulnerabilities by now. If not, have a read
spectre_flaws_explained

I have uploaded ‘meltdown’ secure kernels for 4.14.11 for 64 bit to antiX stretch/testing and sid repos. Patching the default 4.10.5 kernel is not progressing very well since the patches are very complex and there are no existing patches for the 4.10 series (yet).

So, at this moment in time, here are your choices.

1. Do nothing
2. Wait for the 4.10.5 kernel gets patched (no idea when that will be)
3. Use an existing patched kernel from Debian stretch (4.9 series)
4. Use the 4.14.11 antiX patched kernel.

4.14.9 kernels in repos

Latest 4.14.9 kernels for 32 and 64 bit, available in stretch, testing and sid repositories.
This kernel is a security fix for the bfs vulnerability so all users of an 4.14 series kernel should upgrade.

antiX-16.3-full iso files available

I have made available updated iso files of antiX-16 (jessie) series – full versions only for 32 and 64 bit arches. This is basically antiX-16.2 plus over 250 MB of upgrades.

Both isos fit on a cd.

If you already are using antiX-16 (16.1,16.2) series, there is no need to replace your install with this newer version.

Get files from here

Full announcement here

Network-manager available in antiX repos

Yes, you read it right.
Thanks to the great work by the Devuan project package team, I have managed to fork their version of network-manager to antiX stretch (not testing or sid).
You must install eudev for it to work.

apt-get update && apt-get install eudev && apt-get install network-manager

Once installed you will need to make sure /etc/network/interfaces file only contain the following.

# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

Post to let us know how well it works on systemd-free antiX-17.

antiX-17.1 sid based net images available

For those of you that want to live on the wild side of Debian and basically start out from scratch, antiX has provided sid based net images for you. You will need a wired connection since no firmware is included. Remember we are systemd-free!

This is for experts or for those that want to learn and are prepared to search for solutions to any possible issues.

antiX-17.1 sid based net images

32 bit version uses a 4.10.5 antiX custom kernel,while 64 bit ships with a 4.14.5 antiX custom kernel.

Includes:

* eudev
* sysvinit
* cli-aptix
* cli-installer-antix
* gcc-7
* live-kernel-updater
* live-usb-maker
* remaster-antix