Hi, just a heads-up: I'm planning to fix those CVEs for LTS and ELTS, and fix them in the order unstable -> bookworm -> bullseye -> buster -> stretch -> jessie.
For unstable, I plan to do an NMU. Staging area will be my fork on salsa: https://salsa.debian.org/tobi/intel-microcode Please shout if you'd like me to handle it differently. Cheers, -- tobi On Wed, 15 Feb 2023 08:52:06 +0100 Salvatore Bonaccorso <[email protected]> wrote: > Source: intel-microcode > Version: 3.20221108.1 > Severity: important > Tags: security upstream > X-Debbugs-Cc: [email protected], Debian Security Team > <[email protected]> > Control: found -1 3.20220510.1~deb11u1 > Control: found -1 3.20220510.1~deb10u1 > > Hi, > > The following vulnerabilities were published for intel-microcode. > > CVE-2022-21216[0]: > - INTEL-SA-00700 > > CVE-2022-33972[1]: > - INTEL-SA-00730 > > CVE-2022-33196[2]: > - INTEL-SA-00738 > > CVE-2022-38090[3]: > - INTEL-SA-00767 > > If you fix the vulnerabilities please also make sure to include the > CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2022-21216 > https://www.cve.org/CVERecord?id=CVE-2022-21216 > >https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html > [1] https://security-tracker.debian.org/tracker/CVE-2022-33972 > https://www.cve.org/CVERecord?id=CVE-2022-33972 > >https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00730.html > [2] https://security-tracker.debian.org/tracker/CVE-2022-33196 > https://www.cve.org/CVERecord?id=CVE-2022-33196 > >https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html > [3] https://security-tracker.debian.org/tracker/CVE-2022-38090 > https://www.cve.org/CVERecord?id=CVE-2022-38090 > >https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html > [4] > https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230214 > > Regards, > Salvatore > >

