Upstream Spectre CVE Patch Availability

Yaakov Selkowitz
Fri Jan 19 07:21:00 GMT 2018

On 2018-01-18 19:45, Brian Inglis wrote:
> Not seen any posts here about the monster in the chip yet (although those who
> might know may be busy dealing with the issues in their jobs), so has anyone any
> idea if or when we might see upstream Spectre CVE patches available for the
> following packages, whose bases have been mentioned in the many articles
> published recently, and has anyone seen mention of any other packages likely to
> be affected?

The most important thing you can do is make sure you apply all Windows
updates.  To whatever degree these can be mitigated in userspace, we're
all still waiting for code to land elsewhere (namely, Fedora); we simply
don't have the resources to work on this ourselves.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the Cygwin mailing list