Leo Famulari <l...@famulari.name> writes:

> The Spectre bugs have to be fixed per-application for now. As far as I
> know, we haven't made any related changes to packages besides
> linux-libre.
>
> Mozilla has released an update that is supposed to mitigate the
> vulnerability but I don't if they'll be porting it back to the extended
> support release that Icecat is based on.

I just backported the Spectre mitigation from Firefox 57.0.4 to IceCat,
and pushed it to master here:

  
https://git.savannah.gnu.org/cgit/guix.git/commit/?id=c23243fccd4f73430ca06a862acd33c020c8ed17

I recommend that you upgrade your IceCat packages, and furthermore that
you install NoScript and avoid using Javascript except when needed.

      Mark

Reply via email to