From 7fbb5ae94d221c22c4b2a61f4a471d377b5dd86d Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 11 Jun 2020 17:23:44 +0200 Subject: Add final version for intel-microcode update advisory text --- dsa-texts/intel-microcode.20200609 | 17 ---------- dsa-texts/intel-microcode.3.20200609.2~deb10u1 | 45 ++++++++++++++++++++++++++ dsa-texts/intel-microcode.3.20200609.2~deb9u1 | 1 + 3 files changed, 46 insertions(+), 17 deletions(-) delete mode 100644 dsa-texts/intel-microcode.20200609 create mode 100644 dsa-texts/intel-microcode.3.20200609.2~deb10u1 create mode 120000 dsa-texts/intel-microcode.3.20200609.2~deb9u1 diff --git a/dsa-texts/intel-microcode.20200609 b/dsa-texts/intel-microcode.20200609 deleted file mode 100644 index 098a8cd8..00000000 --- a/dsa-texts/intel-microcode.20200609 +++ /dev/null @@ -1,17 +0,0 @@ -Package : intel-microcode -CVE ID : CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 - -This update ships updated CPU microcode for some types of Intel CPUs and -provides mitigations for the Special Register Buffer Data Sampling -(CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D -Eviction Sampling (CVE-2020-0549) hardware vulnerabilities. - -The microcode update for HEDT and Xeon CPUs with signature 0x50654 which -was reverted in DSA 4565-2 is now included again with a fixed release. - -The upstream update for Skylake-U/Y (sig 0x000406e3) had to be excluded -from this update due to reported hangs on boot. - -For details refer to -https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html -https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html diff --git a/dsa-texts/intel-microcode.3.20200609.2~deb10u1 b/dsa-texts/intel-microcode.3.20200609.2~deb10u1 new file mode 100644 index 00000000..b65791a4 --- /dev/null +++ b/dsa-texts/intel-microcode.3.20200609.2~deb10u1 @@ -0,0 +1,45 @@ +From: Salvatore Bonaccorso +To: debian-security-announce@lists.debian.org +Subject: [SECURITY] [DSA 4701-1] intel-microcode security update + +------------------------------------------------------------------------- +Debian Security Advisory DSA-4701-1 security@debian.org +https://www.debian.org/security/ Salvatore Bonaccorso +June 11, 2020 https://www.debian.org/security/faq +------------------------------------------------------------------------- + +Package : intel-microcode +CVE ID : CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 + +This update ships updated CPU microcode for some types of Intel CPUs and +provides mitigations for the Special Register Buffer Data Sampling +(CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D +Eviction Sampling (CVE-2020-0549) hardware vulnerabilities. + +The microcode update for HEDT and Xeon CPUs with signature 0x50654 which +was reverted in DSA 4565-2 is now included again with a fixed release. + +The upstream update for Skylake-U/Y (signature 0x406e3) had to be +excluded from this update due to reported hangs on boot. + +For details refer to +https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html +https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html + +For the oldstable distribution (stretch), these problems have been fixed +in version 3.20200609.2~deb9u1. + +For the stable distribution (buster), these problems have been fixed in +version 3.20200609.2~deb10u1. + +We recommend that you upgrade your intel-microcode packages. + +For the detailed security status of intel-microcode please refer to its +security tracker page at: +https://security-tracker.debian.org/tracker/intel-microcode + +Further information about Debian Security Advisories, how to apply +these updates to your system and frequently asked questions can be +found at: https://www.debian.org/security/ + +Mailing list: debian-security-announce@lists.debian.org diff --git a/dsa-texts/intel-microcode.3.20200609.2~deb9u1 b/dsa-texts/intel-microcode.3.20200609.2~deb9u1 new file mode 120000 index 00000000..b851e873 --- /dev/null +++ b/dsa-texts/intel-microcode.3.20200609.2~deb9u1 @@ -0,0 +1 @@ +intel-microcode.3.20200609.2~deb10u1 \ No newline at end of file -- cgit v1.2.3