Source: intel-microcode Version: 3.20230512.1 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 3.20220510.1~deb11u1 Control: found -1 3.20230214.1~deb11u1
Hi, The following vulnerabilities were published for intel-microcode. CVE-2022-40982[0], CVE-2022-41804[1] and CVE-2023-23908[2]. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-40982 https://www.cve.org/CVERecord?id=CVE-2022-40982 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html [1] https://security-tracker.debian.org/tracker/CVE-2022-41804 https://www.cve.org/CVERecord?id=CVE-2022-41804 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html [2] https://security-tracker.debian.org/tracker/CVE-2023-23908 https://www.cve.org/CVERecord?id=CVE-2023-23908 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html [3] https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808 Please adjust the affected versions in the BTS as needed. Regards, Salvatore