Univention Bugzilla – Bug 47616
amd64-microcode: Multiple issues (4.3)
Last modified: 2018-08-22 14:26:27 CEST
New Debian amd64-microcode 3.20180524.1~bpo9+1 fixes: This update addresses the following issue: * cpu: speculative execution branch target injection CVE-2017-5715 hw: cpu: speculative execution branch target injection
--- mirror/ftp/4.3/unmaintained/4.3-0/source/amd64-microcode_3.20160316.3.dsc +++ apt/ucs_4.3-0-errata4.3-1/source/amd64-microcode_3.20180524.1~bpo9+1.dsc @@ -1,3 +1,50 @@ +3.20180524.1~bpo9+1 [Mon, 28 May 2018 08:09:01 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: + + * Rebuild for stretch-backports (no changes) + +3.20180524.1 [Fri, 25 May 2018 15:38:22 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: + + * New microcode update packages from AMD upstream: + + Re-added Microcodes: + sig 0x00610f01, patch id 0x06001119, 2012-07-13 + * This update avoids regressing sig 0x610f01 processors on systems with + outdated firmware by adding back exactly the same microcode patch that was + present before [for these processors]. It does not implement Spectre-v2 + mitigation for these processors. + * README: update for new release + +3.20180515.1 [Sat, 19 May 2018 13:51:06 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: + + * New microcode update packages from AMD upstream: + + New Microcodes: + sig 0x00800f12, patch id 0x08001227, 2018-02-09 + + Updated Microcodes: + sig 0x00600f12, patch id 0x0600063e, 2018-02-07 + sig 0x00600f20, patch id 0x06000852, 2018-02-06 + + Removed Microcodes: + sig 0x00610f01, patch id 0x06001119, 2012-07-13 + * Adds Spectre v2 (CVE-2017-5715) microcode-based mitigation support, + plus other unspecified fixes/updates. + * README, debian/copyright: update for new release + +3.20171205.2 [Fri, 04 May 2018 07:51:40 -0300] Henrique de Moraes Holschuh <hmh@debian.org>: + + * debian/control: update Vcs-* fields for salsa.debian.org + +3.20171205.1 [Mon, 08 Jan 2018 12:19:57 -0200] Henrique de Moraes Holschuh <hmh@debian.org>: + + * New microcode updates (closes: #886382): + sig 0x00800f12, patch id 0x08001213, 2017-12-05 + Thanks to SuSE for distributing these ahead of AMD's official release! + * Add IBPB support for family 17h AMD processors (CVE-2017-5715) + * README: describe source for faml17h microcode update + * Upload to unstable to match IBPB microcode support on Intel in Debian + unstable. + * WARNING: requires at least kernel 4.15, 4.14.13, 4.9.76, 4.4.111 (or a + backport of commit f4e9b7af0cd58dd039a0fb2cd67d57cea4889abf + "x86/microcode/AMD: Add support for fam17h microcode loading") otherwise + it will not be applied to the processor. + 3.20160316.3 [Tue, 29 Nov 2016 23:54:53 -0200] Henrique de Moraes Holschuh <hmh@debian.org>: * initramfs: Make the early initramfs reproducible (closes: #845194) <http://10.200.17.11/4.3-1/#2848291106724770359>
OK: yaml OK: errata-announce OK: patch OK: piuparts [4.3-1] 0e19a25a8a Bug #47616: amd64-microcode_3.20180524.1~bpo9+1 doc/errata/staging/amd64-microcode.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<http://errata.software-univention.de/ucs/4.3/204.html>