Language Selection

English French German Italian Portuguese Spanish

Meltdown Patches and Problems

Filed under
Security
Ubuntu
  • [Ubuntu] Meltdown and Spectre Status Update

    On Tuesday, January 9, 2018 we released Ubuntu kernel updates for mitigation of CVE-2017-5754 (aka Meltdown / Variant 3) for the x86-64 architecture.

  • Lubuntu 17.10.1 (Artful Aardvark) released!

    Lubuntu 17.10.1 has been released to fix a major problem affecting many Lenovo laptops that causes the computer to have BIOS problems after installing. You can find more details about this problem here.

    Please note that the Meltdown and Spectre vulnerabilities have not been fixed in this ISO, so we advise that if you install this ISO, update directly after.

    This release is no different in terms of features from the 17.10 release, and is comparable to an LTS point release in that all updates since the 17.10 release have been rolled into this ISO. You can find the initial announcement here.

  • Check Linux for Spectre or Meltdown vulnerability

    Devices running Linux are affected by Spectre and Meltdown vulnerabilities as much as their Windows counterparts.

    Development teams work on updated kernels for the various distributions, and users need to update browsers and other software to protect data against potential attacks.

    We talked about identifying whether your Windows PC or web browser is vulnerable already. A recently published script does the same for Linux systems. You may use it to check whether your Linux distribution is vulnerable.

  • Meltdown Patch Is Causing Problems for Some Ubuntu Linux Users

    Many Ubuntu Linux users who installed the latest kernel updates to fix the Meltdown CPU vulnerability found themselves stuck in a boot loop and had to revert back to a previous version.

    The problem affected mostly Ubuntu 16.04 (Xenial Xerus), which is a long-term support (LTS) release. Soon after the 4.4.0-108 kernel update was released to fix the Meltdown vulnerability, users flooded the Ubuntu Forums and bug tracker to report booting problems.

  • Meltdown Update Kernel doesnt boot
  • Major Linux distros have Meltdown patches, but that's only part of the fix

    The Intel Meltdown security problem is the pain that just keeps hurting. Still, there is some good news. Ubuntu and Debian Linux have patched their distributions. The bad news? It's becoming clearer than ever that fixing Meltdown causes significant performance problems. Worst still, many older servers and appliances are running insecure, unpatchable Linux distributions.

More in Tux Machines

Red Hat News

  • An Open Source Load Balancer for OpenShift
    A highly-available deployment of OpenShift needs at least two load balancers: One to load balance the control plane (the master API endpoints) and one for the data plane (the application routers). In most on-premise deployments, we use appliance-based load balancers (such as F5 or Netscaler).
  • Red Hat Beefs Up Platform as a Service Suite
    Red Hat has begun shipping Red Hat Fuse 7, the next major release of its distributed, cloud-native integration solution, and introduced a new fully hosted low-code integration platform as a service (iPaaS) offering, Fuse Online. With Fuse 7, the vendor says expanding its integration capabilities natively to Red Hat OpenShift Container Platform, an enterprise Kubernetes platform. Fuse gives customers a unified solution for creating, extending and deploying containerized integration services across hybrid cloud environments.
  • Red Hat ‘Fuses’ Low Code Development and Data Integration
    Red Hat, a provider of open source solutions, has announced Red Hat Fuse 7, the next major release of its distributed, cloud-native integration solution, and introduced a new fully hosted low-code integration platform as a service offering, Fuse Online. With Fuse 7, Red Hat is expanding its integration capabilities natively to Red Hat OpenShift Container Platform, a comprehensive enterprise Kubernetes platform. Fuse gives customers a unified solution for creating, extending and deploying containerized integration services across hybrid cloud environments.
  • The GPL cooperation commitment and Red Hat projects
    As of today, all new Red Hat-initiated open source projects that opt to use GPLv2 or LGPLv2.1 will be expected to supplement the license with the cure commitment language of GPLv3. The cure language will live in a file in the project source tree and will function as an additional permission extended to users from the start. This is the latest development in an ongoing initiative within the open source community to promote predictability and stability in enforcement of GPL-family licenses. The “automatic termination” provision in GPLv2 and LGPLv2.x is often interpreted as terminating the license upon noncompliance without a grace period or other opportunity to correct the error in compliance. When the Free Software Foundation released GPLv2 in 1991, it held nearly all GPL-licensed copyrights, in part a consequence of the copyright assignment policy then in place for GNU project contributions. Long after the Linux kernel and many other non-GNU projects began to adopt the GPL and LGPL, the FSF was still the only copyright holder regularly engaged in license enforcement. Under those conditions, the automatic termination feature of GPLv2 section 4 may have seemed an appropriate means of encouraging license compliance.
  • Monness Believes Red Hat (NYSE: RHT) Still Has Room to Grow
  • Comparing Red Hat (RHT) & Autoweb (AUTO)
  • As Red Hat (RHT) Share Value Rose, Calamos Advisors Upped Its Position by $300,831; Chilton Capital Management Increases Stake in Equinix (EQIX)
  • Blair William & Co. IL Buys 23,279 Shares of Red Hat Inc (RHT)

Total War: WARHAMMER

Red Hat changes its open-source licensing rules

From outside programming circles, software licensing may not seem important. In open-source, though, licensing is all important. So, when leading Linux company Red Hat announces that -- from here on out -- all new Red Hat-initiated open-source projects that use the GNU General Public License(GPLv2) or GNU Lesser General Public License (LGPL)v2.1 licenses will be expected to supplement the license with GPL version 3 (GPLv3)'s cure commitment language, it's a big deal. Read more

Android Leftovers