= Meltdown Mitigation = The patched jessie kernels have not been released (see [https://security-tracker.debian.org/tracker/CVE-2017-5754 this debian page for status info]) however... the backported stretch kernel has been released. It hasn't hit the apt repos yet (10:48 pm America/New_York) however, I have installed on octavia, floriberto and chavez via [https://incoming.debian.org/debian-buildd/pool/main/l/linux/linux-image-4.9.0-0.bpo.5-amd64_4.9.65-3+deb9u2~bpo8+1_amd64.deb direct download]. == How to upgrade == Check if the kernel is in your apt repo first: {{{ apt-get update apt-cache policy linux-image-4.9.0-0.bpo.5-amd64 }}} If the candidate is: `4.9.65-3+deb9u2~bpo8+1` then you can run: {{{ apt-get install linux-image-amd64/jessie-backports linux-image-4.9.0-0.bpo.5-amd64/jessie-backports linux-base/jessie-backports shutdown -h }}} If not, then run: {{{ apt-get install linux-base/jessie-backports wget https://incoming.debian.org/debian-buildd/pool/main/l/linux/linux-image-4.9.0-0.bpo.5-amd64_4.9.65-3+deb9u2~bpo8+1_amd64.deb dpkg -i linux-image-4.9.0-0.bpo.5-amd64_4.9.65-3+deb9u2~bpo8+1_amd64.deb shutdown -h }}} When prompted to restart services, you can say no to all services (since they will all be restarted when you shutdown the guest). == Steps == * ~~[https://status.mayfirst.org/2018/1/ released service advisory]~~ * Upgrade and reboot all MOSH'es * Upgrade and reboot all other guests * Upgrade and reboot physical servers (wait for Jamie in case a colo trip is needed). == Server List == Here is the server list (in order). Please put your initials after a server that you are working on, then strike-out when it is completed. Once the service advisory is out, you don't have to wait for confirmation on IRC or any coordination - just start upgrading (provided we are in off hours). == MOSHES == * albizu * annapurna * annette - JM * bety - JM * biko * binh * boggs * brown * buffy * ~~chavez~~ * chelsea * clara * claudette * colin - JL * daza * debs * didier * dorothy * eagle * ekpo * ella * emma * erica * ~~floriberto~~ * foucault - JL * gaspar - JM * gilkey * ginsberg * goldman * hashmi * jacobs * jones * juanita * julia * june - JM * kahlo * kerr * kinoy * larkin * lewis * magon * malcolm * mandela * marx * menchu * molina * mumia * ~~octavia~~ * ossie * pauline * peery * proudhon - JM * randolph * resnick * rivera * rodolpho * roe * rose * rushdie * sarah * slaapbeen * smith * sojourner * stokely * stone * stoney * susana * tresca * viewsic * wolf * yippie * yser == Non MOSH guests == * abernathy * achebe * acholonu * allende * assata * augusto * banksy * barghouti * belen * borges * cero * cesar - erq * chico - jamie * cleveland * deadeasy * dee * dolores * dorvalina * douglass * elizabeth * fuller * galeano * gamiz - jamie * gil * graciela * hammer * hay * howard - srevilak * iz * jojobe * juana - jamie * keller * kennedy - jamie * kramer * leslie * lucius * marti * mcchesney * morales * moses * ngugi * olivera - jamie * paul * paulo * peltier * ranciere * rustin * saadawi * sankara * septima * stallman - srevilak * toussaint * woodhull * zimmermann == Physical servers == * banks * barron * baubo * cleaver * clr * florence * franz * gabriela * linda * malaka * minnie * parsi * pietri * robideau * severo * victoria * vilma * wiwa