Meltdown and Spectre Vulnerability

Forum Forums New users New Users and General Questions Meltdown and Spectre Vulnerability

  • This topic has 3 replies, 3 voices, and was last updated Jan 5-9:33 pm by Anonymous.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #4744
    Anonymous

    Hello Antix Forums,

    Saw this and wonder how this may affect Antix users and Firefox ESR.

    https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/

    Thanks

    PoorGuy

    #4755
    Member
    skidoo
    Helpful
    Up
    0

    wonder how this may affect Antix users and Firefox ESR.

    (pointless to dredge through myriad overly-specific permutations)
    wonder how this may affect left-handed Antix users and PaleMoon
    wonder how this may affect southern-hemisphere Antix users and LibreOffice…

    Instead of wondering, for starters… please refer to the 5-page-long topic over at MX Linux forum.
    http://forum.mxlinux.org/viewtopic.php?f=6&t=43696

    ————————

    specific to firefox (and firefox-ESR)

    Mozilla released Firefox 57.0.4 to the Stable browser channel on January 4, 2018.
    The new version of Firefox comes with two timing-based mitigations designed to protect Firefox users against Meltdown and Spectre attacks.

    mozilla security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/

    Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. This includes both explicit sources, like performance.now(), and implicit sources that allow building high-resolution timers, viz., SharedArrayBuffer.
    […] The precision of performance.now() has been reduced from 5μs to 20μs, and the SharedArrayBuffer feature has been disabled because it can be used to construct a high-resolution timer. […] …SharedArrayBuffer is already disabled on Firefox 52 ESR

    #4756
    Forum Admin
    anticapitalista
    Helpful
    Up
    0

    4.14.11 security fix kernel is in the antiX stretch repos (64 bit only).
    sid/testing versions should appear soon.

    security fixed 4.10.5 kernel (antiX-17) and 4.4 kernel (antiX-16) will be available once I can get the patches to build (this is far from trivial to do).

    • This reply was modified 3 years, 9 months ago by anticapitalista.

    Philosophers have interpreted the world in many ways; the point is to change it.

    antiX with runit - leaner and meaner.

    #4766
    Anonymous
    Helpful
    Up
    0

    4.14.11 security fix kernel is in the antiX stretch repos (64 bit only).
    sid/testing versions should appear soon.

    security fixed 4.10.5 kernel (antiX-17) and 4.4 kernel (antiX-16) will be available once I can get the patches to build (this is far from trivial to do).

    Thanks anticapitalista for your reply.

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.