[SOLVED] Jessie kernel upgrade

Kernels & Hardware, configuring network, installing services

[SOLVED] Jessie kernel upgrade

Postby ticojohn » 2018-04-05 20:28

I am currently using 4.9.0-0.bpo.4-686-pae #1 SMP Debian 4.9.65-3+deb9u1~bpo8+1. I noticed in some searches regarding Stretch that
4.9.0-0.bpo.5-686-pae #1 SMP Debian 4.9.65-3+deb9u2~bpo8+1 has been patched to mitigate the Meltdown vulnerability. I also noticed that the same version is available in jessie-backports.

So, hoping this isn't too dumb of a question, is the version in jessie-backports also patched for the Meltdown vulnerability. I would assume so, but assuming things is a good way to bork a system. And should I take the time to upgrade the kernel?
Last edited by ticojohn on 2018-04-05 22:30, edited 1 time in total.
I'm not irrational, I'm just quantum probabilistic.
User avatar
ticojohn
 
Posts: 801
Joined: 2009-08-29 18:10
Location: Costa Rica

Re: Jessie kernel upgrade

Postby bw123 » 2018-04-05 21:41

Look at the changelog on the pkg page.

https://packages.debian.org/jessie-back ... .5-686-pae
User avatar
bw123
 
Posts: 3572
Joined: 2011-05-09 06:02
Location: TN_USA

Re: Jessie kernel upgrade

Postby ticojohn » 2018-04-05 22:30

bw123 wrote:Look at the changelog on the pkg page.

https://packages.debian.org/jessie-back ... .5-686-pae

Thanks for that reply. Further reading seems to indicate that there is not yet a patch for 32 bit (i386). So, maybe the best thing to do is turn off Javascript. Of course lots of things, like my email, may not work. But I can turn on javascript only when reading emails then turn off again.
I'm not irrational, I'm just quantum probabilistic.
User avatar
ticojohn
 
Posts: 801
Joined: 2009-08-29 18:10
Location: Costa Rica

Re: Jessie kernel upgrade

Postby bw123 » 2018-04-05 23:11

ticojohn wrote:
bw123 wrote:Look at the changelog on the pkg page.

https://packages.debian.org/jessie-back ... .5-686-pae

Thanks for that reply. Further reading seems to indicate that there is not yet a patch for 32 bit (i386). So, maybe the best thing to do is turn off Javascript. Of course lots of things, like my email, may not work. But I can turn on javascript only when reading emails then turn off again.


I think I would see if the cpu is vulnerable before worryng too much about it. Maybe try a live stretch 686 and do the spectre-meltdown checker on it?

https://packages.debian.org/stretch-bac ... wn-checker

It is a script, I don;t know if will run on jessie, but there's probably some other ways to assess the risk...

good luck.
User avatar
bw123
 
Posts: 3572
Joined: 2011-05-09 06:02
Location: TN_USA


Return to System configuration

Who is online

Users browsing this forum: No registered users and 2 guests

fashionable