Spectre Meltdown checker

I get an update for spectre-meltdown-checker nearly every day.

What is going on?

Do you have the AUR (or some other) version installed?

pacman -Qi spectre-meltdown-checker

I guess the new apocalyptic CPU vulnerabilities are added to it, so it requires updates.

There has been a lot of updates lately but I can only assume it’s been more actively maintained. The question is, would you rather they provide timely updates or not? Personally I prefer security type updates to come as fast as possible.

1 Like

@ ydar The fact that there are timely updates is fine. I just wanted to know what was going on. It’s no biggie.

@ cscs Just standard from Extras

@ mithrial All good then

There has been one about two weeks ago, there was one yesterday, and there was another one today.

Considering that this is a security-related package, any update to the package gets pushed out immediately as it becomes available. :wink:


Hi, I found this topic interesting so I checked my installation of spectre-meltdown-checker. For some reason it is installed via the Official Repositories and AUR. If I try to remove the AUR version it also removes the Official Repositories version.

Here’s the results of pacman -Qi spectre-meltdown-checker on my system:

Name            : spectre-meltdown-checker
Version         : 0.46+10+gc1c1ac4-1
Description     : Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation
Architecture    : any
URL             : https://github.com/speed47/spectre-meltdown-checker
Licenses        : GPL3
Groups          : None
Provides        : None
Depends On      : sh  sqlite
Optional Deps   : None
Required By     : None
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 268.03 KiB
Packager        : Mark Wagie <mark@manjaro.org>
Build Date      : Thu 10 Aug 2023 10:02:47 AM EDT
Install Date    : Fri 11 Aug 2023 09:25:57 AM EDT
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

That’s the official Manjaro repo version. The AUR version has version number 0.46-1. But if you have it installed twice, then maybe you’ve added another repo to your /etc/pacman.conf — Chaotic AUR perhaps?

Either way, package repository issues are a separate topic, so if you have more problems with that, then I recommend starting a new thread. :wink:

1 Like

So when can we expect the kernels with those exploits fixed in stable?

I know they are already in testing, but its been a few days since the exploits became known. Not sure if i would put manjaro responding to them as “swiftly”.

It all depends on how serious those exploits are, by which I mean to what extent they would pose an imminent threat to a Manjaro system.

The next update will also include microcode, by the way.

The fixes should be in the respective microcode and not the kernel. It is not a bug on the kernel but CPU “drivers”.

It should be safe to install only this package from the testing branch, if you wish to do so.


This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.