Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

[SOLVED] Jessie kernel upgrade

Linux Kernel, Network, and Services configuration.
Post Reply
Message
Author
User avatar
ticojohn
Posts: 1284
Joined: 2009-08-29 18:10
Location: Costa Rica
Has thanked: 21 times
Been thanked: 44 times

[SOLVED] Jessie kernel upgrade

#1 Post by ticojohn »

I am currently using 4.9.0-0.bpo.4-686-pae #1 SMP Debian 4.9.65-3+deb9u1~bpo8+1. I noticed in some searches regarding Stretch that
4.9.0-0.bpo.5-686-pae #1 SMP Debian 4.9.65-3+deb9u2~bpo8+1 has been patched to mitigate the Meltdown vulnerability. I also noticed that the same version is available in jessie-backports.

So, hoping this isn't too dumb of a question, is the version in jessie-backports also patched for the Meltdown vulnerability. I would assume so, but assuming things is a good way to bork a system. And should I take the time to upgrade the kernel?
Last edited by ticojohn on 2018-04-05 22:30, edited 1 time in total.
I am not irrational, I'm just quantum probabilistic.

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Jessie kernel upgrade

#2 Post by bw123 »

Look at the changelog on the pkg page.

https://packages.debian.org/jessie-back ... .5-686-pae
resigned by AI ChatGPT

User avatar
ticojohn
Posts: 1284
Joined: 2009-08-29 18:10
Location: Costa Rica
Has thanked: 21 times
Been thanked: 44 times

Re: Jessie kernel upgrade

#3 Post by ticojohn »

bw123 wrote:Look at the changelog on the pkg page.

https://packages.debian.org/jessie-back ... .5-686-pae
Thanks for that reply. Further reading seems to indicate that there is not yet a patch for 32 bit (i386). So, maybe the best thing to do is turn off Javascript. Of course lots of things, like my email, may not work. But I can turn on javascript only when reading emails then turn off again.
I am not irrational, I'm just quantum probabilistic.

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: Jessie kernel upgrade

#4 Post by bw123 »

ticojohn wrote:
bw123 wrote:Look at the changelog on the pkg page.

https://packages.debian.org/jessie-back ... .5-686-pae
Thanks for that reply. Further reading seems to indicate that there is not yet a patch for 32 bit (i386). So, maybe the best thing to do is turn off Javascript. Of course lots of things, like my email, may not work. But I can turn on javascript only when reading emails then turn off again.
I think I would see if the cpu is vulnerable before worryng too much about it. Maybe try a live stretch 686 and do the spectre-meltdown checker on it?

https://packages.debian.org/stretch-bac ... wn-checker

It is a script, I don;t know if will run on jessie, but there's probably some other ways to assess the risk...

good luck.
resigned by AI ChatGPT

Post Reply