On 05/14/2013 02:38 PM, Akemi Yagi wrote: > On Tue, May 14, 2013 at 9:56 AM, Akemi Yagi <amyagi@xxxxxxxxx> wrote: >> On Tue, May 14, 2013 at 9:24 AM, Tom Brown <tom@xxxxxxxx> wrote: >>> Hi - Looking at >>> >>> https://news.ycombinator.com/item?id=5703758 >>> >>> I have just tried this on a fully patched 6.4 box and it seems vulnerable - >>> >>> Do other see the same? >> Yes. Reported earlier in this forum thread (with additional info): >> >> http://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59 > Announced in that thread: > > CentOSPlus *test* kernel with the patch is now available from: > > http://people.centos.org/toracat/kernel/6/plus/perfbugfix/x86_64/ > > It was confirmed to work. Only the 64-bit kernel is provided because > the 32-bit kernel is not affected. > > NOTE: This is _not_ an official release by CentOS. The distro kernel > with the patch may be released later. Here is the most recent distro kernel with just the patch linked from the RH Bugzilla. This fixed the issue on our test platforms: http://people.centos.org/hughesjr/c6kernel/2.6.32-358.6.1.el6.cve20132094/ Note: This is signed by the centos-6 test key and it is provided as a best effort option to mitigate the above security issue while waiting for an upstream solution. It is not an official CentOS package and needs to be fully tested for fitness by each user before used in production. Thanks, Johnny Hughes
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
