--- Begin Message ---
- To: "Holger Levsen" <holger@layer-acht.org>, "Philipp Hahn" <hahn@univention.de>
- Cc: "Philipp Kern" <pkern@debian.org>, debian-lts@lists.debian.org, non-free@buildd.debian.org
- Subject: Re: DLA-2743-1 amd64-microcode incomplete
- From: "Henrique de Moraes Holschuh" <hmh@debian.org>
- Date: Wed, 15 Sep 2021 07:53:31 -0300
- Message-id: <fe5e81be-fd4f-4594-9b82-b72c8249ab66@www.fastmail.com>
- In-reply-to: <20210831192244.GG13094@layer-acht.org>
- References: <a5154dd8-9a60-586d-be37-79072f5ae075@univention.de> <d27be68e-cc1d-6d77-7f99-a4ceb1cdba86@philkern.de> <ecffec58-7f32-56d8-1f12-4131d1989f15@univention.de> <20210831192244.GG13094@layer-acht.org>
Hello,
The microcode packages have been whitelisted for at least a decade, however non-free auto-building is spotty. Intel-microcode faces the same issue. I don't really recall if contrib is any better.
This has bitten me so many times, I never do uploads of non-free intel-microcode or amd64-microcode missing binaries to debian-security, or when racing the deadline for a s-p-u. They're all source+i386+amd64.
For unstable, source-only works and has worked well for a while. It likely works for stable as well as it should have inherited that from unstable... But old(*)stable, security and backports? I would not hold my breath: I'd have to "test the waters" first to know.
On Tue, Aug 31, 2021, at 16:22, Holger Levsen wrote:
> On Tue, Aug 31, 2021 at 01:13:28PM +0200, Philipp Hahn wrote:
> > What needs to be done to get "amd64-micocode" in version
> > "3.20181128.1~deb9u1" into "stretch-security"?
> > Build it manually and upload it somewhere?
>
> yes. (and utkarsh is on it.)
>
> > Can we so something to prevent this from happening again:
>
> it seems security/non-free is currently not autobuilt at all, so
> I suppose this needs to be addressed and than amd64-microcode needs to
> be whitelisted to be autobuilt there (as any other non-free package).
--
Henrique de Moraes Holschuh <hmh@debian.org>
--- End Message ---