Language Selection

English French German Italian Portuguese Spanish

Security: Meltdown and Spectre Patches

Filed under
Security
  • Linux Mint project advises on Meltdown and Spectre

    The Linux Mint project has released a guide to address the Meltdown and Spectre bugs offering instructions for users on how they should mitigate the holes in their systems. It explains how to tighten up your web browsers and driver software, as well as providing a status update on when we can expect a patch to the kernel.

    The main browser that’s bundled with the operating system is Firefox. The advice is to ensure you update to Firefox 57.0.4, which was released several days ago. As for Chrome and Opera, you should go into the respective flags pages and enable strict site isolation, also called site per process. Google plans to fix the bug next month when it releases the next major edition of Google Chrome. An Opera update will follow.

  • Canonical Releases Ubuntu Kernel and Nvidia Updates to Fix Meltdown and Spectre

    As promised, Canonical released a few moments ago the new kernel and Nvidia updates to address the Meltdown and Spectre security vulnerability on all supported Ubuntu Linux releases.

    The company said last week in a public announcement that it will patch all supported Ubuntu releases against Meltdown and Spectre security vulnerabilities, and the first set of patches are now available in the stable software repositories of Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) to address some of these issues.

  • Linux Mint security notice on Meltdown and Spectre

    A security notice was posted on the official Linux Mint blog on January 9, 2017. It informs users of the Linux distribution about the recently discovered security issues in modern processors called Meltdown and Spectre, and how these affect Linux Mint.

    The notice contains instructions to protect Linux Mint systems from potential attacks that target the vulnerabilities. It covers web browsers, Nvidia drivers, and the Linux kernel.

  • Tails 3.4 Anonymous Live System Released with Meltdown and Spectre Patches

    The Tails development team announced today the release and general availability of the Tails 3.4 amnesic incognito live system, also known as the anonymous live system.

    Tails is a Debian-based live Linux system designed with a single purpose in mind, to hide all your online activity from the prying eyes of the government. For that, it relies on the latest Tor and Tor Browser technologies by allowing users to connect to the Tor anonymous network.

  • Tails 3.4 privacy-focused Linux distro now available with Meltdown and Spectre fixes

    With everything going on in the world these days, it can feel like you are naked when using your computer. If you previously felt safe and secure, these last several years have probably eroded all of your confidence. Between Edward Snowden's revelations and the many vulnerabilities constantly hitting the news, it is tempting to just live in the woods without electricity.

    Before you sell your house, buy a tent, and become a nomad, you should consider a Linux distribution the helps you fight back against evil governments, nefarious hackers, and other bad people. Called "Tails," this Linux-based operating system is designed to be run from a live environment, such as on a DVD or flash drive, so you can hide your tracks and enjoy your God-given right to privacy. Today, version 3.4 becomes available and if you are already a Tails user, you should upgrade immediately. Why? Because it includes kernel 4.14.12 which offers fixes for Meltdown and Spectre (partially).

  • Greg Kroah-Hartman on Meltdown and Spectre Bugs: Go Update Your Linux Kernel

    Renowned Linux kernel developer Greg Kroah-Hartman has published an in-depth article on the status of the Meltdown and Spectre patches in the Linux kernel.

    As you already know, two severe hardware bugs were unearthed last week as the worst chip flaws in the history of computing. Dubbed Meltdown and Spectre, these security vulnerabilities affect us all, and put billions of devices at risk of attacks by allowing attackers to steal your sensitive data that's stored in kernel memory via locally installed apps or on the Web through malicious scripts.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.