Author: Michael Stevens Date: To: Andy Smith CC: users Subject: Re: [bitfolk] Security reboot needed,
likely to be weekend of 11/12/13 August
On Tue, Jul 31, 2018 at 08:19:19PM +0000, Andy Smith wrote: > Hi Michael,
>
> On Tue, Jul 31, 2018 at 08:39:51PM +0100, Michael Stevens wrote:
> > Am I right in thinking this is a risk for those of us who are foolishly
> > up to date with our debian, as I don't think the fixed kernel package
> > has released yet?
>
> As that particular bug is not a security bug and there is a
> workaround I don't think Debian are intending to push out an updated
> package until the next sable point release, which I think is going
> to be some time in September.
>
> If you are currently running Debian stable (stretch) 64-bit and you
> have upgraded your kernel to the latest package then you could do
> one of the following:
>
> - Add "pti=off" to your kernel command line. Normally accomplished
> by adding it to the GRUB_CMDLINE_LINUX_DEFAULT= line in
> /etc/default/grub and then run update-grub.
>
> - Grab an updated kernel package (4.9.110-3) from proposed-updates,
> either by properly adding the proposed-updates repository as
> described at <https://wiki.debian.org/StableProposedUpdates>, or
> just installing the particular .deb which is
> <http://ftp.uk.debian.org/debian/pool/main/l/linux/linux-image-4.9.0-7-amd64_4.9.110-3_amd64.deb>
>
> Also, if you have opted to have your VPS suspended and restored then
> it won't actually be rebooted. Although it would obviously be best
> to have your VPS always be in a bootable state.
>
> If you are not running Debian stable, or are running 32-bit, you are
> not affected by this bug.
Thanks for the info. I should be okay as I'm still 32bit.
