X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type; q=dns; s=default; b=blQs k9N5sesxT+IpHKSYey51HNDlTcz1QGG3uuagVRgfrqCAJn7VX0ISBAqjjPGXC+yg EpccSaWI1LKmx4iG9tktrh31Fy+nCM+GcTFX6+tXptYMomSny3thVvKtS3PVBp2C BfCLd6rJ8AV2whM79HkY5QTA/EH5ODyVzDdPcGg= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type; s=default; bh=ZQECOua1iA qCtKbJt9NZM0+8ZLs=; b=DfamiUVfFRHViJMqewy/PsD99gZ8oSWBbjy//Pw/cf YFKmgfbAW5K+FqpciRJEXoLA5M7bxNTm5VB8LHfDKMmvTMA5AzVEEpdRYrQ3Pfy5 Ly1aogSKopmvcT71YUqOtw4vs2pTOdvHxNtWqXibInuoHB4dyHPAP+jlrAC6huJ7 4= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=BAYES_00,KAM_LAZY_DOMAIN_SECURITY,SPF_HELO_PASS autolearn=no version=3.3.2 spammy=ourselves, H*Ad:U*yselkowitz, H*M:cygwin X-HELO: mx1.redhat.com Subject: Re: Upstream Spectre CVE Patch Availability To: cygwin AT cygwin DOT com References: From: Yaakov Selkowitz Message-ID: <587dcb22-7d47-8d7c-17f9-8151a33bdd1c@cygwin.com> Date: Fri, 19 Jan 2018 01:21:35 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="trL2AXrLsXgsIOQOeNR6EWTr5rpOJIca8" X-IsSubscribed: yes --trL2AXrLsXgsIOQOeNR6EWTr5rpOJIca8 Content-Type: multipart/mixed; boundary="Xt5AcSWtiwGx6pI65GGJePYZMV38lSEu9"; protected-headers="v1" From: Yaakov Selkowitz To: cygwin AT cygwin DOT com Message-ID: <587dcb22-7d47-8d7c-17f9-8151a33bdd1c AT cygwin DOT com> Subject: Re: Upstream Spectre CVE Patch Availability References: In-Reply-To: --Xt5AcSWtiwGx6pI65GGJePYZMV38lSEu9 Content-Type: text/plain; charset=windows-1252 Content-Language: en-CA Content-Transfer-Encoding: quoted-printable On 2018-01-18 19:45, Brian Inglis wrote: > Not seen any posts here about the monster in the chip yet (although those= who > might know may be busy dealing with the issues in their jobs), so has any= one any > idea if or when we might see upstream Spectre CVE patches available for t= he > following packages, whose bases have been mentioned in the many articles > published recently, and has anyone seen mention of any other packages lik= ely to > be affected? The most important thing you can do is make sure you apply all Windows updates. To whatever degree these can be mitigated in userspace, we're all still waiting for code to land elsewhere (namely, Fedora); we simply don't have the resources to work on this ourselves. --=20 Yaakov --Xt5AcSWtiwGx6pI65GGJePYZMV38lSEu9-- --trL2AXrLsXgsIOQOeNR6EWTr5rpOJIca8 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iHQEARECADQWIQRFYAu5jKh4qpenARn/IK+aZu4flAUCWmGcgBYceXNlbGtvd2l0 ekBjeWd3aW4uY29tAAoJEP8gr5pm7h+UFVIAn0zw0gHy9/JrE79pAe4i/QTe6jHP AJ9QxuW5A6K3nXoea1dyejgPk5SXdQ== =erm8 -----END PGP SIGNATURE----- --trL2AXrLsXgsIOQOeNR6EWTr5rpOJIca8--