Leo Famulari <l...@famulari.name> writes: > The Spectre bugs have to be fixed per-application for now. As far as I > know, we haven't made any related changes to packages besides > linux-libre. > > Mozilla has released an update that is supposed to mitigate the > vulnerability but I don't if they'll be porting it back to the extended > support release that Icecat is based on.
I just backported the Spectre mitigation from Firefox 57.0.4 to IceCat, and pushed it to master here: https://git.savannah.gnu.org/cgit/guix.git/commit/?id=c23243fccd4f73430ca06a862acd33c020c8ed17 I recommend that you upgrade your IceCat packages, and furthermore that you install NoScript and avoid using Javascript except when needed. Mark