Bug 53699 – amd64-microcode: Multiple issues (4.4)

Bug 53699 - amd64-microcode: Multiple issues (4.4)


Summary:	amd64-microcode: Multiple issues (4.4)

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Security updates
Version:	UCS 4.4
Hardware:	All Linux

Importance:	P3 normal (vote)
Target Milestone:	UCS 4.4-8-errata
Assigned To:	Quality Assurance
QA Contact:	Philipp Hahn

URL:	http://security.debian.org/pool/non-f...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2021-08-23 08:03 CEST by Quality Assurance
Modified:	2021-10-20 17:07 CEST (History)
CC List:	0 users

See Also:
What kind of report is it?:	Security Issue
What type of bug is this?:	---
Who will be affected by this bug?:	---
How will those affected feel about the bug?:	---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:	5.6 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Quality Assurance

2021-08-23 08:03:49 CEST

New Debian amd64-microcode 3.20181128.1~deb9u1 fixes:
This update addresses the following issue:
* cpu: speculative execution branch target injection (CVE-2017-5715)

Comment 1 Philipp Hahn

2021-08-23 10:51:09 CEST

The upload for <https://www.debian.org/lts/security/2021/dla-2743> is incomplete (again): Only the source package is available, but the binary packages are missing.
I contacted my fellow Debian maintainer privately 2021-08-23.

Comment 2 Quality Assurance

2021-10-18 09:00:06 CEST

--- mirror/ftp/4.3/unmaintained/4.3-2/source/amd64-microcode_3.20180524.1~bpo9+1.dsc
+++ apt/ucs_4.4-0-errata4.4-8/source/amd64-microcode_3.20181128.1~deb9u2.dsc
@@ -1,6 +1,20 @@
-3.20180524.1~bpo9+1 [Mon, 28 May 2018 08:09:01 -0300] Henrique de Moraes Holschuh <hmh@debian.org>:
+3.20181128.1~deb9u2 [Sat, 16 Oct 2021 10:24:39 +0530] Utkarsh Gupta <utkarsh@debian.org>:
 
-  * Rebuild for stretch-backports (no changes)
+  * No-change rebuild for binary upload.
+
+3.20181128.1~deb9u1 [Mon, 16 Aug 2021 10:24:39 +0530] Utkarsh Gupta <utkarsh@debian.org>:
+
+  * Non-maintainer upload by the LTS Security Team.
+  * New upstream release.
+  * Add IBPB support for family 17h AMD processors (CVE-2017-5715)
+    (since version 3.20180515.1).
+
+3.20181128.1 [Sat, 15 Dec 2018 18:42:12 -0200] Henrique de Moraes Holschuh <hmh@debian.org>:
+
+  * New microcode update packages from AMD upstream:
+    + New Microcodes:
+      sig 0x00800f82, patch id 0x0800820b, 2018-06-20
+  * README: update for new release
 
 3.20180524.1 [Fri, 25 May 2018 15:38:22 -0300] Henrique de Moraes Holschuh <hmh@debian.org>:
 

<http://piuparts.knut.univention.de/4.4-8/#3785673284254693159>

Comment 3 Philipp Hahn

2021-10-18 11:40:40 CEST

OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] 5c59d45e78 Bug #53699: amd64-microcode 3.20181128.1~deb9u2
 doc/errata/staging/amd64-microcode.yaml | 3 ---
 1 file changed, 3 deletions(-)

[4.4-8] 711b63a175 Bug #53699: amd64-microcode 3.20181128.1~deb9u2
 doc/errata/staging/amd64-microcode.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

[4.4-8] 28267c1751 Bug #53699: amd64-microcode 3.20181128.1~deb9u1
 doc/errata/staging/amd64-microcode.yaml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

Comment 4 Julia Bremer

2021-10-20 17:07:19 CEST

<https://errata.software-univention.de/#/?erratum=4.4x1070>