From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 7542 invoked by alias); 19 Jan 2018 01:45:58 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 7534 invoked by uid 89); 19 Jan 2018 01:45:58 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.2 required=5.0 tests=AWL,BAYES_40,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=calgary, H*RU:!192.168.1.100!, H*r:ip*192.168.1.100, Hx-spam-relays-external:!192.168.1.100! X-HELO: smtp-out-so.shaw.ca Received: from smtp-out-so.shaw.ca (HELO smtp-out-so.shaw.ca) (64.59.136.137) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 19 Jan 2018 01:45:56 +0000 Received: from [192.168.1.100] ([24.64.240.204]) by shaw.ca with ESMTP id cLkfeROK9S7BpcLkgeIjOn; Thu, 18 Jan 2018 18:45:54 -0700 X-Authority-Analysis: v=2.2 cv=NKylwwyg c=1 sm=1 tr=0 a=MVEHjbUiAHxQW0jfcDq5EA==:117 a=MVEHjbUiAHxQW0jfcDq5EA==:17 a=N659UExz7-8A:10 a=w5aJ8kaLLAry8Qfnm_kA:9 a=pILNOxqGKmIA:10 Reply-To: Brian.Inglis@SystematicSw.ab.ca To: cygwin@cygwin.com From: Brian Inglis Subject: Upstream Spectre CVE Patch Availability Message-ID: Date: Fri, 19 Jan 2018 01:45:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfGakGZsMvadxMre3BYSIoVdXmY1z2e7WX1H22nq4XDxwZsNYjSomJnOUsZof4S8+8wWkfjGPnj+oB0rb9RMLLtdak/Y2BICNq6MFPjQwkIhqeQ5RFXqg 76IjNe5z14k4vzaZ+7miSs5au12QMdGO3WwgMXbbh4/np6J1Gdj9CDhO8LqMMIC2mNh6jhCL0qgGow== X-IsSubscribed: yes X-SW-Source: 2018-01/txt/msg00178.txt.bz2 Hi folks, Not seen any posts here about the monster in the chip yet (although those who might know may be busy dealing with the issues in their jobs), so has anyone any idea if or when we might see upstream Spectre CVE patches available for the following packages, whose bases have been mentioned in the many articles published recently, and has anyone seen mention of any other packages likely to be affected? cygwin32-gcc-core 6.4.0-1 djgpp-gcc-core 5.4.0-1 gcc-core 6.4.0-4 libjavascriptcoregtk3.0_0 2.0.4-5 libvirt-common 3.6.0-1 libwebkitgtk3.0_0 2.0.4-5 mingw64-i686-gcc-core 6.4.0-1 mingw64-x86_64-gcc-core 6.4.0-2 -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple