diff options
| author | Ben Hutchings <ben@decadent.org.uk> | 2018-03-20 02:13:24 +0000 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2018-03-20 02:13:24 +0000 |
| commit | a87a499adc4609288ecb979d65a83acd38a22c90 (patch) | |
| tree | 45bc374335b51174bc18b50844d4c161b81d91ca | |
| parent | b56c7b81864828af54035e93d1b7a6c97fe70955 (diff) | |
Note some of the upstream commits mitigating Meltdown & Spectre on non-x86
So far the powerpc Meltdown stuff seems to be fixed in 4.9-stable
but otherwise these aren't being backported.
| -rw-r--r-- | active/CVE-2017-5715 | 2 | ||||
| -rw-r--r-- | active/CVE-2017-5753 | 2 | ||||
| -rw-r--r-- | retired/CVE-2017-5754 | 2 |
3 files changed, 6 insertions, 0 deletions
diff --git a/active/CVE-2017-5715 b/active/CVE-2017-5715 index 75d78cf1..3d987f60 100644 --- a/active/CVE-2017-5715 +++ b/active/CVE-2017-5715 @@ -19,6 +19,8 @@ Notes: carnil> 4.9.82-1+deb9u1 upload enforces a dependency on the used carnil> compiler with retpoline support. bwh> The list of upstream commits and the status below are for x86 only. + bwh> For arm64, we would probably need: be04a6d1126b02c6a28741155b899d648739fc5b, 0f15adbb2861ce6f75ccfc5a92b19eae0ef327d0, f3d795d9b360523beca6d13ba64c2c532f601149 + bwh> For s390x, we would probably need: d768bd892fc8f066cd3aa000eb1867bcf32db0ee, f19fbd5ed642dc31c809596412dab1ed56f2f156 bwh> 3.2.101 and 3.16.56 stable branches have retpoline support, but bwh> microcode support is TBD. Bugs: diff --git a/active/CVE-2017-5753 b/active/CVE-2017-5753 index fc464574..968255a3 100644 --- a/active/CVE-2017-5753 +++ b/active/CVE-2017-5753 @@ -7,6 +7,8 @@ Notes: carnil> Further work went in in 4.16-rc1, 4.15.2 and 4.9.81 and following carnil> for mitigations (Mitigation: __user pointer sanitization). bwh> The list of upstream commits and the status below are for x86 only. + bwh> For arm64, we would probably need: 669474e772b952b14f4de4845a1558fd4c0414a4, 022620eed3d0bc4bf2027326f599f5ad71c2ea3f, 51369e398d0d33e8f524314e672b07e8cf870e79, 4d8efc2d5ee4c9ccfeb29ee8afd47a8660d0c0ce, 6314d90e64936c584f300a52ef173603fb2461b5, c2f0ad4fc089cff81cef6a13d04b399980ecbfcc, 91b2d3442f6a44dce875670d702af22737ad5eff + bwh> Optimisation for s390x: e2dd833389cc4069a96b57bdd24227b5f52288f5 Bugs: upstream: released (4.16-rc4) [99c6fa2511d8a683e61468be91b83f85452115fa, 87590ce6e373d1a5401f6539f0c59ef92dd924a9, 61dc0f555b5c761cdafb0ba5bd41ecf22d68a4c4, b2157399cc9898260d6031c5bfe45fe137c1fbe7, e4d0e84e490790798691aaa0f2e598637f1867ec, be95a845cc4402272994ce290e3ad928aff06cb9, bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1, 7a32fc51ca938e67974cbb9db31e1a43f98345a9, 21d375b6b34ff511a507de27bf316b3dde6938d9, f84a56f73dddaeac1dba8045b007f742f61cd2da, f3804203306e098dae9ca51540fcd5eb700d7f40, babdde2698d482b6c0de1eab4f697cf5856c5859, b3d7ad85b80bbc404635dca80f5b129f6242bc7a, b3bbfb3fb5d25776b8e3f361d2eedaabb0b496cd, b5c4ae4f35325d520b230bab6eb3310613b72ac1, 304ec1b050310548db33063e567123fae8fd0301, c7f631cb07e7da06ac1d231ca178452339e32a94, 2fbd7af5af8665d18bcefae3e9700be07e22b681, 56c30ba7b348b90484969054d561f711ba196507, 259d8c1e984318497c84eef547bbb6b1d9f4eb05, edfbae53dab8348fca778531be9f4855d2ca0360, 085331dfc6bbe3501fb936e657331ca943827600, 3968523f855050b8195134da951b87c20bd66130, 8fa80c503b484ddc1abbd10c7cb2ab81f3824a50, 1d91c1d2c80cb70e2e553845e278b87a960c04da, eb6174f6d1be16b19cfa43dac296bfed003ce1a6] 4.9-upstream-stable: released (4.9.88) diff --git a/retired/CVE-2017-5754 b/retired/CVE-2017-5754 index 1104e428..cc0e42a2 100644 --- a/retired/CVE-2017-5754 +++ b/retired/CVE-2017-5754 @@ -3,6 +3,8 @@ References: https://meltdownattack.com/ Notes: bwh> The status below is for x86 only. + bwh> For arm64, we would probably need: 50c4c4e268a2d7a3e58ebb698ac74da0de40ae36..ea1e3de85e94d711f63437c04624aa0e8de5c8b3, 0ba2e29c7fc1d58a90fab614d41bf487e28e3840, ec89ab50a03a33a4a648869e868b1964354fb2d1, 41acec624087b1268a15f414cf7d573deebafeec, f992b4dfd58be07e31a42bc940a53b3e4b282616, 6dc52b15c4a48052ade2529d639eee401d76e469, f167211a93ac41a65b7a0ab79d4479d0fb58c4f1 + bwh> For powerpc, we would probably need: 222f20f140623ef6033491d0103ee0875fe87d35, b8e90cb7bc04a509e821e82ab6ed7a8ef11ba333, a08f828cf47e6c605af21d2cdec68f84e799c318, c7305645eb0c1621351cfc104038831ae87c0053, aa8a5e0062ac940f7659394f4817c948dc8c0667, bc9c9304a45480797e13a8e1df96ffcf44fb62fe, 8989d56878a7735dfdb234707a2fee6faf631085, 6e032b350cd1fdb830f18f8320ef0e13b4e24094, 274920a3ecd5f43af0cc380bc0a9ee73a52b9f8a, fd6e440f20b1a4304553775fc55938848ff617c9, 236003e6b5443c45c18e613d2b0d776a9f87540e, 1b689a95ce7427075f9ac9fb4aea1af530742b7f, bdcb1aefc5b3f7d0f1dc8b02673602bca2ff7a4b, 582605a429e20ae68fd0b041b2e840af296edd08, eb0a2d2620ae431c543963c8c7f08f597366fc60 Bugs: upstream: released (4.15-rc6) 4.9-upstream-stable: released (4.9.75) |