Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
37a28412 by Moritz Muehlenhoff at 2018-08-29T11:50:52Z
Add note on second batch of microcode fixes
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33203,8 +33203,8 @@ CVE-2018-3646 (Systems with microprocessors utilizing
speculative execution and
NOTE:
https://git.kernel.org/linus/958f338e96f874a0d29442396d6adf9c1e17aa2d
NOTE: https://xenbits.xen.org/xsa/advisory-273.html
NOTE: Updates were already shipped with 20180703 release, but only
disclosed later, see #906158
- NOTE: The fixed version for intel-microcode designates the first batch
of updates which targeted most server CPUs,
- NOTE: later followup releases (for some desktop class CPUs) will be
commented separately
+ NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
+ NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
CVE-2018-3645 (Escalation of privilege in all versions of the Intel Remote
Keyboard ...)
NOT-FOR-US: Intel
CVE-2018-3644
@@ -33221,8 +33221,8 @@ CVE-2018-3640 (Systems with microprocessors utilizing
speculative execution and
NOTE:
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
NOTE: No software mitigations planned to be implemented in src:linux
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
- NOTE: The fixed version designates the first batch of updates which
targeted most server CPUs,
- NOTE: later followup releases (for some desktop class CPUs) will be
commented separately
+ NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
+ NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
CVE-2018-3639 (Systems with microprocessors utilizing speculative execution
and ...)
{DSA-4273-1 DSA-4210-1 DLA-1446-1 DLA-1423-1}
- intel-microcode 3.20180703.1
@@ -33233,8 +33233,8 @@ CVE-2018-3639 (Systems with microprocessors utilizing
speculative execution and
NOTE: https://xenbits.xen.org/xsa/advisory-263.html
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
- NOTE: The fixed version for intel-microcode designates the first batch
of updates which targeted most server CPUs,
- NOTE: later followup releases (for some desktop class CPUs) will be
commented separately
+ NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
+ NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
CVE-2018-3638 (Escalation of privilege in all versions of the Intel Remote
Keyboard ...)
NOT-FOR-US: Intel
CVE-2018-3637
@@ -33281,8 +33281,8 @@ CVE-2018-3620 (Systems with microprocessors utilizing
speculative execution and
NOTE: https://foreshadowattack.eu/
NOTE:
https://git.kernel.org/linus/958f338e96f874a0d29442396d6adf9c1e17aa2d
NOTE: https://xenbits.xen.org/xsa/advisory-273.html
- NOTE: The fixed version for intel-microcode designates the first batch
of updates which targeted most server CPUs,
- NOTE: later followup releases (for some desktop class CPUs) will be
commented separately
+ NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
+ NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
CVE-2018-3619 (Information disclosure vulnerability in storage media in
systems with ...)
NOT-FOR-US: Intel
CVE-2018-3618
@@ -33295,8 +33295,8 @@ CVE-2018-3615 (Systems with microprocessors utilizing
speculative execution and
- intel-microcode 3.20180703.1
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault
NOTE: https://foreshadowattack.eu/
- NOTE: The fixed version designates the first batch of updates which
targeted most server CPUs,
- NOTE: later followup releases (for some desktop class CPUs) will be
commented separately
+ NOTE: The 3.20180703.1 release for intel-microcode was the first batch
of updates which targeted
+ NOTE: most server type CPUs, additional models were supported in the
3.20180807a.1 release
CVE-2018-3614
RESERVED
CVE-2018-3613
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/37a28412ff452f5f4c40f01d7f5726b5b41d9ffd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/37a28412ff452f5f4c40f01d7f5726b5b41d9ffd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
