--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-6ecb52e4ed
2018-04-29 12:18:38.573977
--------------------------------------------------------------------------------
Name : spectre-meltdown-checker
Product : Fedora EPEL 7
Version : 0.37
Release : 1.el7
URL :
https://github.com/speed47/spectre-meltdown-checker
Summary : Spectre & Meltdown vulnerability/mitigation checker for Linux
Description :
Spectre & Meltdown vulnerability/mitigation checker for Linux.
--------------------------------------------------------------------------------
Update Information:
Update to 0.37 * Feature: add a detailed explanation of "what to do" when
system if found vulnerable against one of the vulnerabilities (skip with `--no-
explain`) * Feature: rework output for IBRS/IBPB check and better detection for
newer kernels (IBRS_FW, IBPB without IBRS, ...) * Feature: check for Red Hat
7/CentOS 7 specific `retp_enabled` knob in sysfs * Feature: detect arm64 Spectre
Variant 1, Spectre Variant 2 and Meltdown (Variant 3) mitigations * Feature: add
detection of AMD-specific STIBP, STIBP-always-on, IBRS, IBRS-always-on and IBRS-
preferred CPUID feature flags * Feature: when `ibpb_enabled=2` (Red Hat), warn
if SMT is not disabled * Feature: detect whether the kernel supports RSB filling
(important for Skylake+) * Feature: add `--paranoid` to make IBPB required in
addition to retpoline for Variant 2 * Refactor: don't test AMD-specific flags on
Intel and Intel-specific flags on AMD for clarity * Fix: when PTI activation is
unknown, don't say we're vulnerable * Fix: don't hide microcode information
for
AMD CPUs * Misc: other minor fixes and enhancements
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update spectre-meltdown-checker' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------