Hi, Mark H Weaver <[email protected]> skribis:
> Mark H Weaver <[email protected]> writes: > >> Leo Famulari <[email protected]> writes: >> >>> The Spectre bugs have to be fixed per-application for now. As far as I >>> know, we haven't made any related changes to packages besides >>> linux-libre. >>> >>> Mozilla has released an update that is supposed to mitigate the >>> vulnerability but I don't if they'll be porting it back to the extended >>> support release that Icecat is based on. >> >> I just backported the Spectre mitigation from Firefox 57.0.4 to IceCat, >> and pushed it to master here: >> >> >> https://git.savannah.gnu.org/cgit/guix.git/commit/?id=c23243fccd4f73430ca06a862acd33c020c8ed17 > > I just followed this up with a Spectre mitigation for WebKitGTK+ > backported from upstream WebKit: > > > https://git.savannah.gnu.org/cgit/guix.git/commit/?id=56804398a94bea941183ae4ed29d2a9f82069a6f Thanks a lot Leo and Mark for the quick fixes and the detailed report. Ludo’.
