[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security update in Jessie for intel-microcode and linux?

On Wed, 2019-05-15 at 13:59 +0200, Thomas Goirand wrote:
> Hi,
> Probably Ben will reply to this one...
> Is it planned to upgrade intel-microcode and the kernel in Jessie,
> regarding CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091?

I plan to update linux, and I have backported the mitigation to 3.16. 
However I will need to do more testing of this before uploading, and
will probably wait until it has been through the stable review process.

I have already uploaded linux-4.9 to match the stable security update.

I expect that Henrique will handle the intel-microcode update as he has
done before.

Note that stable branches older than 4.9 are not getting the
speculation mitigations for KVM, and should not be used with untrusted 
guests (at least on Intel hardware).


Ben Hutchings
To err is human; to really foul things up requires a computer.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: