—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4279-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 20, 2018 https://www.debian.org/security/faq
– ————————————————————————-

Package : linux
CVE ID : CVE-2018-3620 CVE-2018-3646

Multiple researchers have discovered a vulnerability in the way the
Intel processor designs have implemented speculative execution of
instructions in combination with handling of page-faults. This flaw
could allow an attacker controlling an unprivileged process to read
memory from arbitrary (non-user controlled) addresses, including from
the kernel and all other processes running on the system or cross
guest/host boundaries to read host memory.

To fully resolve these vulnerabilities it is also necessary to install
updated CPU microcode (only available in Debian non-free). Common server
class CPUs are covered in the update released as DSA 4273-1.

For the stable distribution (stretch), these problems have been fixed in
version 4.9.110-3+deb9u3.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlt6p8ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TBJg//VmtxfP6VLm5Q2hHuOlUejrc2W4hOcNRR0Ud7DjJ0B5Gfb9y/u1k+RXBj
akX5/Csi6l+kLOWs4/amX3VAxdQRYFL6eEJBNZzlCkBasu1DpkvJdL9F0EP9gru7
Xd/StpSQs8GaBAlklQsckHtKqPzhB5D56gLosLupfmdNovlRKPhX282Ae5JCgjyf
BjQv7Oa5K+pUw7F4sZUsdTPZHvl3bZ14u2SDzkIYX6K0KSRi3r4kBNGlRkCnRUTd
AW8LpC2uWFX584LhVqJhnKhtd2lveadkwjX9TTRDJkJJOW88Yf2hDSyvWRAKS90D
65SEB2SIrgYiOTqCW4TQXPv5cNSn+LPimrkPus4likNyxJajbck5lB5GVLTTd0dp
X0WPp4uhNsISHERZzdJpT8Y3uu5VrPzgSxPay/aPh+n7vy/wFknliZ4IfBSZtOri
J5OrlN+Dal0M7eli1ojoByMLsH5Tzzd6/pfmOtWH/wNUFuMPdNwM/KuzcZRn+aMY
FZ6jk6Ge0UNgFoQQPb6ddu0YBlPQGK5t+jPS47qR8fEqV7VxBDFVQYKK5Lni9iwi
bIarRFTWQNj3nYZ44VOsk95QuyKe2Gw5NkjzlsEhQdQ318urQ6tpAAvjet/xbaHv
6SO/0r3APr5jxH2GGrLUvRRezbXYkBhEVhWOtcOQryXEzPAbcGc=
=Cd8P
—–END PGP SIGNATURE—–

 

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4279-2 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 22, 2018 https://www.debian.org/security/faq
– ————————————————————————-

Package : linux
Debian Bug : 906769

The security update announced as DSA 4279-1 caused regressions on the ARM
architectures (boot failures on some systems). Updated packages are now
available to correct this issue.

For the stable distribution (stretch), this problem has been fixed in
version 4.9.110-3+deb9u4.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlt9vElfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QK8BAAor9KlyD5w13q5VIwWuRx/y+wOuKsgr4fHKqoig/15moR3YaXQsGIsHRl
CHfZnjPv9jLeNg5CbNYNyZ4YvGL3yhMQZjAvhRLhx0/v+HIjGRitFk7qPIxUObBb
DRjtqhMYlf9fS2VS3XFt6HMmViyRSBS+bLYDI9Fvpj1oWbFwbcxPQ+FRVnFX3B8i
1jyR+qFVaPgbLHjSve3bqRWbh3BwSiroC4kLcKrvTuaJon8Lvxm2LY0fKWjAM4SS
UTCfYqpbyugivFPznc9a8N5UDBgfpei4zU4qQ2JpT+a3Vjh0riKqWMfF15kCK4Dm
WGKfpQmQDnvWJxKpc6qn4FFqzQ3KPhydeOC/pXzFA9qQMyXHClynFB4BgJIGtqF/
f4u6A4ZqmTTXxNtsicHFc2zLFcKper5qZ3sdd61PbKz1K2xaKN1lDb+RNy9rhIGd
ueNtLleGh2qmfmzgLP+2uKXzaHnhlwbXoQSbaF0tR8WvCPCnW9Cykx89Alj4SYxO
1gv7Ct7MAfoKSRoQehnOCLADq3M9dmZigI3G4NrH+uFnJ56lfNoLW+j4+Ghe5vvv
Su4gVIFFgKHRJ9oL3xtjZBx+y8Qd9XIGSFc5MFXQ9QeaLfR/Nqkef2aktVqVKKe0
qb2sruAtVYxhL4tGjQ+ojOxz/TEFCpIsbxai4nicjMqQxjWv0GU=
=KuqM
—–END PGP SIGNATURE—–