[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to mitigate the
speculative side channel attack known as Spectre variant 1.

Here are the details from the Slackware 14.2 ChangeLog:

patches/packages/linux-4.4.118/: Upgraded.
This kernel includes __user pointer sanitization mitigation for the Spectre
(variant 1) speculative side channel attack.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
https://vulners.com/cve/CVE-2017-5753
( Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-firmware-20180222_7344ec9-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-generic-4.4.118-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-generic-smp-4.4.118_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-headers-4.4.118_smp-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-huge-4.4.118-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-huge-smp-4.4.118_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-modules-4.4.118-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-modules-smp-4.4.118_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.118/kernel-source-4.4.118_smp-noarch-1.txz

Updated packages for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-firmware-20180222_7344ec9-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-generic-4.4.118-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-headers-4.4.118-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-huge-4.4.118-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-modules-4.4.118-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.118/kernel-source-4.4.118-noarch-1.txz

MD5 signatures:

Slackware 14.2 packages:
260968bbd379913c30d11d8b1daac6ae kernel-firmware-20180222_7344ec9-noarch-1.txz
0c1ffb6a5ce31e3b467b76366cb45fdf kernel-generic-4.4.118-i586-1.txz
d9aa76d4956dc5afae7e6a51f3539480 kernel-generic-smp-4.4.118_smp-i686-1.txz
0ee08392f4b80274a4dfd4ec502bfac2 kernel-headers-4.4.118_smp-x86-1.txz
5d9561ac8b58e6ca10fb18b9b2385ef9 kernel-huge-4.4.118-i586-1.txz
7583356ca16efd078db333a1f3e7cd8b kernel-huge-smp-4.4.118_smp-i686-1.txz
9413547cb17efd1086a167220b440382 kernel-modules-4.4.118-i586-1.txz
792d09fb27f79dbd89e3edb8f47bb8f5 kernel-modules-smp-4.4.118_smp-i686-1.txz
c9e204b423f5624aca02c4eabe100c3e kernel-source-4.4.118_smp-noarch-1.txz

Slackware x86_64 14.2 packages:
260968bbd379913c30d11d8b1daac6ae kernel-firmware-20180222_7344ec9-noarch-1.txz
92ca007b24d746beef19c13cee9b4fcd kernel-generic-4.4.118-x86_64-1.txz
60f9bec621769a54c7bb4cf772ab52f3 kernel-headers-4.4.118-x86-1.txz
14dea8448b42c4308eae40dcca595373 kernel-huge-4.4.118-x86_64-1.txz
ce365549a202ac2b3e35aa553757d3a8 kernel-modules-4.4.118-x86_64-1.txz
740953188c1956d7720cb3de3c3ef77b kernel-source-4.4.118-noarch-1.txz

Installation instructions:

Upgrade the packages as root:
> upgradepkg kernel-*.txz

If you are using an initrd, you’ll need to rebuild it.

For a 32-bit SMP machine, use this command (substitute the appropriate
kernel version if you are not running Slackware 14.2):
> /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.118-smp | bash

For a 64-bit machine, or a 32-bit uniprocessor machine, use this command
(substitute the appropriate kernel version if you are not running
Slackware 14.2):
> /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.118 | bash

Please note that “uniprocessor” has to do with the kernel you are running,
not with the CPU. Most systems should run the SMP kernel (if they can)
regardless of the number of cores the CPU has. If you aren’t sure which
kernel you are running, run “uname -a”. If you see SMP there, you are
running the SMP kernel and should use the 4.4.118-smp version when running
mkinitrd_command_generator. Note that this is only for 32-bit – 64-bit
systems should always use 4.4.118 as the version.

If you are using lilo or elilo to boot the machine, you’ll need to ensure
that the machine is properly prepared before rebooting.

If using LILO:
By default, lilo.conf contains an image= line that references a symlink
that always points to the correct kernel. No editing should be required
unless your machine uses a custom lilo.conf. If that is the case, be sure
that the image= line references the correct kernel file. Either way,
you’ll need to run “lilo” as root to reinstall the boot loader.

If using elilo:
Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish
to use, and then run eliloconfig to update the EFI System Partition.