Re: Security update in Jessie for intel-microcode and linux?

To: debian-lts@lists.debian.org
Subject: Re: Security update in Jessie for intel-microcode and linux?
From: Thomas Goirand <zigo@debian.org>
Date: Wed, 15 May 2019 16:24:06 +0200
Message-id: <[🔎] 75ad2dc1-d15d-c640-c004-a986eee565e0@debian.org>
In-reply-to: <[🔎] af91cada405c51da166d86613018ceb82929f40d.camel@decadent.org.uk>
References: <[🔎] 005e7fe2-88e6-fa20-d3b3-d06ca7ed8f1d@debian.org> <[🔎] af91cada405c51da166d86613018ceb82929f40d.camel@decadent.org.uk>

On 5/15/19 2:51 PM, Ben Hutchings wrote:
> On Wed, 2019-05-15 at 13:59 +0200, Thomas Goirand wrote:
>> Hi,
>>
>> Probably Ben will reply to this one...
>>
>> Is it planned to upgrade intel-microcode and the kernel in Jessie,
>> regarding CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091?
> 
> I plan to update linux, and I have backported the mitigation to 3.16. 
> However I will need to do more testing of this before uploading, and
> will probably wait until it has been through the stable review process.
> 
> I have already uploaded linux-4.9 to match the stable security update.
> 
> I expect that Henrique will handle the intel-microcode update as he has
> done before.
> 
> Note that stable branches older than 4.9 are not getting the
> speculation mitigations for KVM, and should not be used with untrusted 
> guests (at least on Intel hardware).
> 
> Ben.

Hi Ben,

Thanks for your detailed answer.
Cheers,

Thomas Goirand (zigo)

Reply to:

References:
- Security update in Jessie for intel-microcode and linux?
  - From: Thomas Goirand <zigo@debian.org>
- Re: Security update in Jessie for intel-microcode and linux?
  - From: Ben Hutchings <ben@decadent.org.uk>

Prev by Date: improving https://wiki.debian.org/LTS/Development
Next by Date: Re: Bug in new libjs-jquery package from last week
Previous by thread: Re: Security update in Jessie for intel-microcode and linux?
Next by thread: improving https://wiki.debian.org/LTS/Development
Index(es):
- Date
- Thread