On 1/16/2018 10:21 AM, A. Harry Williams wrote:
Let me reiterate what Alan Altmark has said here, and Bill Bitner has
said here and on the IBMVM list, the information that IBM is sharing
with customers is on the IBM Z Security Portal.
If you are not on it, here is info about getting on it.
https://www.ibm.com/it-infrastructure/z/capabilities/system-integrity
If there is information about Meltdown and/or Spectre, IBM will share
it there.
It has information about Z related security issues, including MCLs and
PTF for all Z related software and hardware. I strongly recommend the
portal. (My problem is remembering how to find the thing when I want
to look at things)
I'm working on a presentation for people here, and I have a slide that
lists Vendors that have released official advisories. (Of course I
can't find the link to the page of that, but here is the list I'm
using) I'll find the link and post it later.) Interpret this as you
see fit.
That was easy. Here's a link that includes the list of vendors
https://meltdownattack.com/ with some very basic info.
Here's a couple other interesting links
Triple Meltdown: How So Many Researchers Found a 20-Year-Old Chip Flaw
At the Same Time:
https://www.wired.com/story/meltdown-spectre-bug-collision-intel-chip-flaw-discovery/
Here’s how, and why, the Spectre and Meltdown patches will hurt performance:
https://arstechnica.com/gadgets/2018/01/heres-how-and-why-the-spectre-and-meltdown-patches-will-hurt-performance/
Keeping Spectre Secret
https://www.theverge.com/2018/1/11/16878670/meltdown-spectre-disclosure-embargo-google-microsoft-linux
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
----------------------------------------------------------------------
For more information on Linux on System z, visit
http://wiki.linuxvm.org/