Accepted intel-microcode 3.20250211.1~deb11u1 (source) into oldstable-security

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted intel-microcode 3.20250211.1~deb11u1 (source) into oldstable-security
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 29 Mar 2025 12:00:21 +0000
Message-id: <[🔎] E1tyUrN-00HPfK-CK@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 29 Mar 2025 12:30:55 +0100
Source: intel-microcode
Architecture: source
Version: 3.20250211.1~deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Closes: 1095805
Changes:
 intel-microcode (3.20250211.1~deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Rebuild for bullseye.
 .
 intel-microcode (3.20250211.1~deb12u1) bookworm; urgency=medium
 .
   * Build for bookworm
   * All trixie-only changes (from 3.20240813.2) are reverted on this branch
 .
 intel-microcode (3.20250211.1) unstable; urgency=medium
 .
   * New upstream microcode datafile 20250211 (closes: #1095805)
     - Mitigations for INTEL-SA-01166 (CVE-2024-31068)
       Improper Finite State Machines (FSMs) in Hardware Logic for some Intel
       Processors may allow privileged user to potentially enable denial of
       service via local access.
     - Mitigations for INTEL-SA-01213 (CVE-2024-36293)
       Improper access control in the EDECCSSA user leaf function for some
       Intel Processors with Intel SGX may allow an authenticated user to
       potentially enable denial of service via local access.  Intel disclosed
       that some 9th Generation Intel Core processor models were already fixed
       by a previous microcode update.
     - Mitigations for INTEL-SA-01139 (CVE-2023-43758, CVE-2023-34440,
       CVE-2024-24582, CVE-2024-29214, CVE-2024-28127, CVE-2024-39279,
       CVE-2024-31157, CVE-2024-28047)
       Improper input validation, insufficient granularity of access control,
       and improper initialization issues in UEFI firmware for some Intel
       processors may allow escalation of privilege, denial of service, or
       information disclosure.  An UEFI firmware update is needed for complete
       mitigation.
     - Mitigations for INTEL-SA-01228 (CVE-2024-39355)
       Improper handling of physical or environmental conditions in some 13th
       and 14th Generation Intel Core Processors may allow an authenticated
       user to enable denial of service via local access.  An UEFI firmware
       update may be required for complete mitigation.
     - Mitigations for INTEL-SA-01194 (CVE-2024-37020)
       Sequence of processor instructions leads to unexpected behavior in the
       Intel DSA V1.0 for some Intel Xeon Processors may allow an authenticated
       user to potentially enable denial of service via local access.
     - Fixes for unspecified functional issues on several processor models
   * New microcodes or new extended signatures:
     sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952
     sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
     sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
     sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
   * Updated microcodes:
     sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224
     sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032
     sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824
     sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620
     sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620
     sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620
     sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620
     sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592
     sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
     sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
     sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
     sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
     sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038
     sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038
     sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038
     sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232
     sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436
     sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808
     sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472
     sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496
     sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544
     sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
     sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160
     sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124
     sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124
     sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240
     sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128
     sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291
   * source: update symlinks to reflect id of the latest release, 20250211
   * Update changelog for 3.20240813.1 with new information
Checksums-Sha1:
 1d6ae1b601b90e9fbbc907284f2692311d219de5 1821 intel-microcode_3.20250211.1~deb11u1.dsc
 6e24dc9c8705d2ccf43624583d58b4ff7994b89e 9224156 intel-microcode_3.20250211.1~deb11u1.tar.xz
 1d996042352bf50a86564d8cb52663f84927a201 6154 intel-microcode_3.20250211.1~deb11u1_amd64.buildinfo
Checksums-Sha256:
 663c9feab711fbef0792464c9eff43fa34def6415051bc8b2ec307d7e1777816 1821 intel-microcode_3.20250211.1~deb11u1.dsc
 a8407ecb91325df4a8312d0a2ddb2b6f598225535c97e519377ddef427a7b7dd 9224156 intel-microcode_3.20250211.1~deb11u1.tar.xz
 87ba13364a19b095643c4b8752063104cb8c995156d6f93e2c2611ad4d678e80 6154 intel-microcode_3.20250211.1~deb11u1_amd64.buildinfo
Files:
 5ffcf2584a7cf7d1669c10d4ce742eaf 1821 non-free/admin standard intel-microcode_3.20250211.1~deb11u1.dsc
 ee98a381211d6165455a9453679856a0 9224156 non-free/admin standard intel-microcode_3.20250211.1~deb11u1.tar.xz
 8c485898618ba6a42fa229fabcce0fcc 6154 non-free/admin standard intel-microcode_3.20250211.1~deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmfn3EoACgkQkWT6HRe9
XTaEOQ//b/lc6umpBWuXZXgMFI0SNQZijVnS+BYhk28GsSgSLFn7E+si2mesz6cb
yu4dCqOYknsFcg6Czt5lnccf42BDFjJXZJll3uU9PM5pYJN8StBRQrz4A39QB8iQ
lRBuuJZWiVcolf5y0w4kfzW6QBJKpSeVh3nAKA3H9ATR/3zjm6p9NoEqG3Q6mW/i
QX2xnBu2kt6tbJ2ZsI3KoamwihsbWRq64DNv38Rxh17Hi5o4Zu2+wEt9tR7yDgKe
3EtyD3Rm+MlGdZ2QwM/FpH6KrtuDQRiQ+/N5GRn/yopAj2VjwYcaJtAGdXbD7puD
+yniIVpz4A7IpxWSM4Z0BfqN+zQkeiAKVYSVYrycN1ZAoOOYyhNJ0+D3ceN9WhfI
7W2FlGuQdaWc+UqC3BpeRrC3cSOUaMhOXnhBe9ZYpkqMMYZPs981qdrOpupqIYoj
qKAOy6TboT3SLD3LjLMxPVtRVeAUlfAWpOQaPtAysOrkl2XilZViVSTS99M55PTB
M+QzTnpoU25AYCheE5kCcuT0Uw4GqdpCbGGZgAzu1+CwGbyyi3phT3RQPWdCTn9i
aNJqqddWFiQsLphLBHcb9d8SF6y3Y7l1/EHYsn1YNYvkJXoLwFh0CNaNqdX7lbNu
M+3PdiDTRJ5euxHpm1sajVHKa99rPeoPqKW+SiKfSz+M51DpDEY=
=i0Ox
-----END PGP SIGNATURE-----

Attachment: pgpVDZqZUfrWl.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted linux-6.1 6.1.129-1~deb11u1 (source) into oldstable-security
Next by Date: Accepted librabbitmq 0.10.0-1+deb11u1 (source) into oldstable-security
Previous by thread: Accepted linux-6.1 6.1.129-1~deb11u1 (source) into oldstable-security
Next by thread: Accepted librabbitmq 0.10.0-1+deb11u1 (source) into oldstable-security
Index(es):
- Date
- Thread