[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted intel-microcode 3.20210608.2~deb9u2 (amd64 i386 source) into oldstable

Hash: SHA512

Format: 1.8
Date: Fri, 09 Jul 2021 17:26:41 -0300
Binary: intel-microcode
Source: intel-microcode
Architecture: amd64 i386 source
Version: 3.20210608.2~deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
Changed-By: Henrique de Moraes Holschuh <hmh@debian.org>
Closes: 989615
 intel-microcode - Processor microcode firmware for Intel CPUs
 intel-microcode (3.20210608.2~deb9u2) stretch-security; urgency=high
   * SECURITY UPDATE for LTS, with changes to avoid regressions
     WARNING: missing the security update for processors with signature 0x906ea.
   * Refer to the changelog entry for 3.20210608.1 for the list of security
     fixes in this release.
   * Downgrade the microcode update for processors with signature 0x906ea, to
     avoid a confirmed regression on some CFL-H/S/E3 U0 "Core Gen8 Desktop,
     Mobile, Xeon E" systems with Intel Wireless LAN on-board, refer to:
     + sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424
   * Reintroduces all fixes (including several security updates) to Skylake
     D0/R0 that were temporarily disabled in past releases.  Refer to changelog
     entries since (and including) 3.20200609.1 for the list of security fixes.
   * Note: 3.20210608.2~deb9u1 was never uploaded, but it was tagged in
     salsa.d.o.  To avoid any possible issues, deb9u2 was used for the upload.
 intel-microcode (3.20210608.2) unstable; urgency=high
   * Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and
     debian/changelog (3.20210608.1).
 intel-microcode (3.20210608.1) unstable; urgency=high
   * New upstream microcode datafile 20210608 (closes: #989615)
     * Implements mitigations for CVE-2020-24511 CVE-2020-24512
       (INTEL-SA-00464), information leakage through shared resources,
       and timing discrepancy sidechannels
     * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465),
       Domain-bypass transient execution vulnerability in some Intel Atom
       Processors, affects Intel SGX.
     * Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel
       VT-d privilege escalation
     * Fixes critical errata on several processors
     * New Microcodes:
       sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104
       sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648
       sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648
       sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
       sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568
       sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208
       sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328
       sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456
       sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456
       sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352
     * Updated Microcodes:
       sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816
       sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456
       sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472
       sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744
       sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816
       sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864
       sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720
       sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720
       sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648
       sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576
       sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576
       sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456
       sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408
       sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360
       sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472
       sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264
       sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752
       sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776
       sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592
       sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768
       sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448
       sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448
       sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424
       sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448
       sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448
       sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448
       sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400
       sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448
       sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
       sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
       sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184
       sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208
       sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208
       sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208
       sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184
   * source: update symlinks to reflect id of the latest release, 20210608
 intel-microcode (3.20210216.1) unstable; urgency=medium
   * New upstream microcode datafile 20210216
     * Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx,
       and Cascade Lake Server (B0/B1) when using an active JTAG
       agent like In Target Probe (ITP), Direct Connect Interface
       (DCI) or a Baseboard Management Controller (BMC) to take the
       CPU JTAG/TAP out of reset and then returning it to reset.
     * This issue is related to the INTEL-SA-00381 mitigation.
     * Updated Microcodes:
       sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864
       sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248
       sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248
   * source: update symlinks to reflect id of the latest release, 20210216
 5d4b826ed57a1cddbf0b5e829b950973ea0d8896 1817 intel-microcode_3.20210608.2~deb9u2.dsc
 20aa7dfeb2c4d7dbfafcf86fe80dbfc6e73fd930 4608336 intel-microcode_3.20210608.2~deb9u2.tar.xz
 e13682fac27d6bae4cf4e2ca3732b824595d22a8 6073 intel-microcode_3.20210608.2~deb9u2_amd64.buildinfo
 0cd84c1592bc2199b93607fe1ebedb88a515b7ae 3837288 intel-microcode_3.20210608.2~deb9u2_amd64.deb
 e7bc79f6815ebb7d57c6e8e1457566adba3e3dea 4839 intel-microcode_3.20210608.2~deb9u2_i386.buildinfo
 87ed316acf294584fb05949e0d4ebac323e5895a 3975234 intel-microcode_3.20210608.2~deb9u2_i386.deb
 9290fd6f91a78d37ee3519aafe59f72afc43ef96e69365943dd67361ebfae4cf 1817 intel-microcode_3.20210608.2~deb9u2.dsc
 b51ac732105c34af8fc9bc5b15b3a4c7462df3e31105ddc019ecc866b41f3f43 4608336 intel-microcode_3.20210608.2~deb9u2.tar.xz
 b4b3008ec5f9ed5239f9e510583deac9fa829c913ed6884e2a85708b279d9204 6073 intel-microcode_3.20210608.2~deb9u2_amd64.buildinfo
 d813fe6714a1a7c0eeb50eadd0d75c3ee0284653ccef7c608b41057eb75db826 3837288 intel-microcode_3.20210608.2~deb9u2_amd64.deb
 6c0da1bf7e8e19d50668165988aeeb475a0bbbb5b85ad79dcd6ebb91431082a3 4839 intel-microcode_3.20210608.2~deb9u2_i386.buildinfo
 b30f104b0934dba3ede931788bd7926416e9621d305669ca5b5a1093f3fdd329 3975234 intel-microcode_3.20210608.2~deb9u2_i386.deb
 c701d44070ec4ff4208d3af068c13feb 1817 non-free/admin standard intel-microcode_3.20210608.2~deb9u2.dsc
 ec07b45699e214700c2ce254c47c0a6a 4608336 non-free/admin standard intel-microcode_3.20210608.2~deb9u2.tar.xz
 2103e1f455170de7ea7d6863414b0855 6073 non-free/admin standard intel-microcode_3.20210608.2~deb9u2_amd64.buildinfo
 743447ddd3b12c22191a9154de56180c 3837288 non-free/admin standard intel-microcode_3.20210608.2~deb9u2_amd64.deb
 6590619124d5aabd86bf2c8a0208862c 4839 non-free/admin standard intel-microcode_3.20210608.2~deb9u2_i386.buildinfo
 c70231ecf88ab6a47bda7c02df8d54e5 3975234 non-free/admin standard intel-microcode_3.20210608.2~deb9u2_i386.deb



Reply to: