[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#964351: marked as done (stretch-pu: package intel-microcode/3.20200616.1~deb9u1)

Your message dated Sat, 18 Jul 2020 13:07:00 +0100
with message-id <b8d89cdfeeda7b6d1ef96a8706a20f9525c2151b.camel@adam-barratt.org.uk>
and subject line Closing requests for fixes included in 9.13 point release
has caused the Debian Bug report #964351,
regarding stretch-pu: package intel-microcode/3.20200616.1~deb9u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
964351: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964351
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

I'd like to update the intel-microcode packages in buster and stretch to
3.202006016.1~deb{9,10}u1.

This is basically the same packages already in buster and stretch via
buster/strech-security, with one extra microcode revert.  It effectively
fixes a regression introduced by the security updates for a single
processor model (Xeon E3 with signature 0x506e3).

The upload via s-p-u/os-p-u was suggested by the security team: we
agreed the revert of microcode 0x506e3 did not really deserve a DSA and
could be handled through the upcoming point releases (it affects only
*some* motherboards with such processors).

The git diff is attached.  Unfortunately, stable debdiff gets mightly
confused by a directory rename that only has binary files inside, so git
diff does a much better job here.

diffstat:
 changelog                                          |   8 ++++++
 debian/changelog                                   |  19 ++++++++++++
 intel-ucode/06-4e-03                               | Bin 104448 -> 101376 bytes
 intel-ucode/06-5e-03                               | Bin 104448 -> 101376 bytes
 microcode-20200609.d => microcode-20200616.d       |   0
 releasenote                                        |  32 ++++-----------------
 s000406E3_m000000C0_r000000D6.fw                   | Bin 101376 -> 0 bytes
 ....bin => supplementary-ucode-20200616_BDX-ML.bin |   0
 8 files changed, 32 insertions(+), 27 deletions(-)

-- 
  Henrique Holschuh

diff --git a/changelog b/changelog
index d033202..b0565f2 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,11 @@
+2020-06-16:
+  * Downgraded microcodes (to a previously shipped revision):
+    sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
+    sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
+  * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3,
+    https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31
+  * This update *removes* the SRBDS mitigations from the above processors
+
 2020-06-09:
   * Implements mitigation for CVE-2020-0543 Special Register Buffer Data
     Sampling (SRBDS), aka INTEL-SA-00320
diff --git a/debian/changelog b/debian/changelog
index 9a576a8..863eecf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,22 @@
+intel-microcode (3.20200616.1~deb9u1) stretch; urgency=high
+
+  * Rebuild for Debian oldstable (stretch), no changes
+
+ -- Henrique de Moraes Holschuh <hmh@debian.org>  Sun, 05 Jul 2020 15:26:41 -0300
+
+intel-microcode (3.20200616.1) unstable; urgency=high
+
+  * New upstream microcode datafile 20200616
+    + Downgraded microcodes (to a previously shipped revision):
+      sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
+      sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
+  * Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3,
+    https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31
+  * This update *removes* the SRBDS mitigations from the above processors
+  * Note that Debian had already downgraded 0x406e3 in release 3.20200609.2
+
+ -- Henrique de Moraes Holschuh <hmh@debian.org>  Sun, 28 Jun 2020 18:38:57 -0300
+
 intel-microcode (3.20200609.2~deb9u1) stretch-security; urgency=high
 
   * Rebuild for stretch-security, no changes
diff --git a/intel-ucode/06-4e-03 b/intel-ucode/06-4e-03
index 33b963e..1fabcf8 100644
Binary files a/intel-ucode/06-4e-03 and b/intel-ucode/06-4e-03 differ
diff --git a/intel-ucode/06-5e-03 b/intel-ucode/06-5e-03
index 4e947ea..a3119d5 100644
Binary files a/intel-ucode/06-5e-03 and b/intel-ucode/06-5e-03 differ
diff --git a/microcode-20200609.d b/microcode-20200616.d
similarity index 100%
rename from microcode-20200609.d
rename to microcode-20200616.d
diff --git a/releasenote b/releasenote
index 9b60007..f7302d5 100644
--- a/releasenote
+++ b/releasenote
@@ -82,37 +82,15 @@ OS vendors must ensure that the late loader patches (provided in
 linux-kernel-patches\) are included in the distribution before packaging the
 BDX-ML microcode for late-loading.
 
-== 20200609 Release ==
--- Updates upon 20200520 release --
+== 20200616 Release ==
+-- Updates upon 20200609 release --
 Processor             Identifier     Version       Products
 Model        Stepping F-MO-S/PI      Old->New
 ---- new platforms ----------------------------------------
 
 ---- updated platforms ------------------------------------
-HSW          C0       6-3c-3/32 00000027->00000028 Core Gen4
-BDW-U/Y      E0/F0    6-3d-4/c0 0000002e->0000002f Core Gen5
-HSW-U        C0/D0    6-45-1/72 00000025->00000026 Core Gen4
-HSW-H        C0       6-46-1/32 0000001b->0000001c Core Gen4
-BDW-H/E3     E0/G0    6-47-1/22 00000021->00000022 Core Gen5
-SKL-U/Y      D0       6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
-SKL-U23e     K1       6-4e-3/c0 000000d6->000000dc Core Gen6 Mobile
-SKX-SP       B1       6-55-3/97 01000151->01000157 Xeon Scalable
-SKX-SP       H0/M0/U0 6-55-4/b7 02000065->02006906 Xeon Scalable
-SKX-D        M1       6-55-4/b7 02000065->02006906 Xeon D-21xx
-CLX-SP       B0       6-55-6/bf 0400002c->04002f01 Xeon Scalable Gen2
-CLX-SP       B1       6-55-7/bf 0500002c->05002f01 Xeon Scalable Gen2
-SKL-H/S      R0/N0    6-5e-3/36 000000d6->000000dc Core Gen6; Xeon E3 v5
-AML-Y22      H0       6-8e-9/10 000000ca->000000d6 Core Gen8 Mobile
-KBL-U/Y      H0       6-8e-9/c0 000000ca->000000d6 Core Gen7 Mobile
-CFL-U43e     D0       6-8e-a/c0 000000ca->000000d6 Core Gen8 Mobile
-WHL-U        W0       6-8e-b/d0 000000ca->000000d6 Core Gen8 Mobile
-AML-Y42      V0       6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
-CML-Y42      V0       6-8e-c/94 000000ca->000000d6 Core Gen10 Mobile
-WHL-U        V0       6-8e-c/94 000000ca->000000d6 Core Gen8 Mobile
-KBL-G/H/S/E3 B0       6-9e-9/2a 000000ca->000000d6 Core Gen7; Xeon E3 v6
-CFL-H/S/E3   U0       6-9e-a/22 000000ca->000000d6 Core Gen8 Desktop, Mobile, Xeon E
-CFL-S        B0       6-9e-b/02 000000ca->000000d6 Core Gen8
-CFL-H/S      P0       6-9e-c/22 000000ca->000000d6 Core Gen9
-CFL-H        R0       6-9e-d/22 000000ca->000000d6 Core Gen9 Mobile
+SKL-U/Y      D0       6-4e-3/c0 000000dc->000000d6 Core Gen6 Mobile
+SKL-U23e     K1       6-4e-3/c0 000000dc->000000d6 Core Gen6 Mobile
+SKL-H/S      R0/N0    6-5e-3/36 000000dc->000000d6 Core Gen6; Xeon E3 v5
 
 ---- removed platforms ------------------------------------
diff --git a/s000406E3_m000000C0_r000000D6.fw b/s000406E3_m000000C0_r000000D6.fw
deleted file mode 100644
index 1fabcf8..0000000
Binary files a/s000406E3_m000000C0_r000000D6.fw and /dev/null differ
diff --git a/supplementary-ucode-20200609_BDX-ML.bin b/supplementary-ucode-20200616_BDX-ML.bin
similarity index 100%
rename from supplementary-ucode-20200609_BDX-ML.bin
rename to supplementary-ucode-20200616_BDX-ML.bin

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Package: release.debian.org
Version: 9.13

Hi,

All of these requests relate to updates that were included in today's
stretch point release.

Regards,

Adam

--- End Message ---
Reply to: