Re: [bitfolk] Security reboot needed, likely to be weekend …

Author: Andy Smith
Date:  
To: users
Subject: Re: [bitfolk] Security reboot needed, likely to be weekend of 11/12/13 August

gpg: Signature made Tue Jul 31 20:19:19 2018 UTC
gpg: using DSA key 2099B64CBF15490B
gpg: Good signature from "Andy Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andrew James Smith <andy@strugglers.net>" [unknown]
gpg: aka "Andy Smith (UKUUG) <andy.smith@ukuug.org>" [unknown]
gpg: aka "Andy Smith (BitFolk Ltd.) <andy@bitfolk.com>" [unknown]
gpg: aka "Andy Smith (Linux User Groups UK) <andy@lug.org.uk>" [unknown]
gpg: aka "Andy Smith (Cernio Technology Cooperative) <andy.smith@cernio.com>" [unknown]
Hi Michael,

On Tue, Jul 31, 2018 at 08:39:51PM +0100, Michael Stevens wrote:
> Am I right in thinking this is a risk for those of us who are foolishly
> up to date with our debian, as I don't think the fixed kernel package
> has released yet?


As that particular bug is not a security bug and there is a
workaround I don't think Debian are intending to push out an updated
package until the next stable point release, which I think is going
to be some time in September.

If you are currently running Debian stable (stretch) 64-bit and you
have upgraded your kernel to the latest package then you could do
one of the following:

- Add "pti=off" to your kernel command line. Normally accomplished
by adding it to the GRUB_CMDLINE_LINUX_DEFAULT= line in
/etc/default/grub and then running update-grub.

- Grab an updated kernel package (4.9.110-3) from proposed-updates,
either by properly adding the proposed-updates repository as
described at <https://wiki.debian.org/StableProposedUpdates>, or
just installing the particular .deb which is
<http://ftp.uk.debian.org/debian/pool/main/l/linux/linux-image-4.9.0-7-amd64_4.9.110-3_amd64.deb>

Also, if you have opted to have your VPS suspended and restored then
it won't actually be rebooted. Although it would obviously be best
to have your VPS always be in a bootable state.

If you are not running Debian stable, or are running 32-bit, you are
not affected by this bug.

Cheers,
Andy

--
https://bitfolk.com/ -- No-nonsense VPS hosting
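
The first workaround in the message above, as an added example that is not part of the original message: a sketch that appends pti=off to GRUB_CMDLINE_LINUX_DEFAULT idempotently and checks the kernel command line afterwards. The function names are hypothetical, the sample file is constructed, and it assumes the Debian default layout of a double-quoted value with nothing after the closing quote.

```shell
#!/bin/sh
# Added example, not from the original message. Function names are hypothetical.
# Assumes the Debian default layout: GRUB_CMDLINE_LINUX_DEFAULT="..." in
# double quotes with nothing after the closing quote.

# Succeeds if FILE's GRUB_CMDLINE_LINUX_DEFAULT already contains pti=off.
has_pti_off() {
    grep -Eq '^GRUB_CMDLINE_LINUX_DEFAULT="([^"]* )?pti=off[ "]' "$1"
}

# Appends pti=off to GRUB_CMDLINE_LINUX_DEFAULT in FILE, keeping FILE.bak.
# Returns 0 if the option is present afterwards, 2 if the line has an
# unexpected shape (content is left as it was), 1 on other failures.
add_pti_off() {
    file=$1
    grep -q '^GRUB_CMDLINE_LINUX_DEFAULT="' "$file" || return 2
    if has_pti_off "$file"; then return 0; fi      # idempotent: already set
    cp -p "$file" "$file.bak" || return 1
    # First expression appends before the closing quote; the second tidies
    # the empty-value case ("" -> "pti=off" rather than " pti=off").
    sed -e '/^GRUB_CMDLINE_LINUX_DEFAULT="/s/" *$/ pti=off"/' \
        -e 's/^\(GRUB_CMDLINE_LINUX_DEFAULT="\) *pti=off"$/\1pti=off"/' \
        "$file.bak" > "$file" || return 1
    has_pti_off "$file" || return 2
}

# Succeeds if the kernel command line (default /proc/cmdline) has pti=off
# as a whole word, i.e. the option really reached the booted kernel.
cmdline_has_pti_off() {
    case " $(cat "${1:-/proc/cmdline}") " in
        *" pti=off "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Demonstration on a constructed copy, never the live /etc/default/grub.
demo=$(mktemp)
printf '%s\n' 'GRUB_DEFAULT=0' 'GRUB_CMDLINE_LINUX_DEFAULT="quiet"' > "$demo"
add_pti_off "$demo" && grep '^GRUB_CMDLINE_LINUX_DEFAULT=' "$demo"
rm -f "$demo" "$demo.bak"
```

On a real system the function would be run as root against /etc/default/grub, followed by update-grub as the message describes. pti=off switches off kernel page-table isolation, so it is worth removing again once the 4.9.110-3 kernel is installed.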