Hello,
like any other operating system siduction 18.1.0 is affected by the Meltdown and Spectre security issues caused by faulty processor design.
As a rolling release siduction integrates security fixes with its latest dist-upgrades:
MELTDOWN:Processes can read the page table of other processes and so may gain secret information.
Since version 4.14.11-towo.2 the siduction kernel sets
CONFIG_PAGE_TABLE_ISOLATION=y
and towo' has integrated the upcoming 4.14.12-rc1 patch in the 4.14.11-towo.3-kernel.
SPECTRE:The Speculative Execution Side-Channel Attack needs to be mitigated in the application layer, i.e. software developers need to include some mitigation measure in their products. Basically this means the whole world has to be recompiled with a patched compiler.
intel-microcode 3.20171215.1 contains some fixes for CVE-2017-5715 and Spectre variant 2.
Chromium 63.0.3239.84 provides experimental "Strict Site Isolation" (to be enabled on chrome://flags/#enable-site-per-process )
Firefox 57.0.4 contains a mitigation (
https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ )
(list to be continued ...)
greetings
musca