Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
da306b85 by Emilio Pozuelo Monfort at 2020-02-20T10:56:52+01:00
postpone intel-microcode issues on jessie
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -23264,6 +23264,7 @@ CVE-2020-0549 (Cleanup errors in some data cache
evictions for some Intel(R) Pro
- intel-microcode <unfixed>
[buster] - intel-microcode <postponed> (Minor issue; low impact if all
mitigations for TAA and MDS were already previously applied)
[stretch] - intel-microcode <postponed> (Minor issue; low impact if all
mitigations for TAA and MDS were already previously applied)
+ [jessie] - intel-microcode <postponed> (Minor issue; low impact if all
mitigations for TAA and MDS were already previously applied)
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
NOTE: https://cacheoutattack.com/
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
@@ -23271,6 +23272,7 @@ CVE-2020-0548 (Cleanup errors in some Intel(R)
Processors may allow an authentic
- intel-microcode <unfixed>
[buster] - intel-microcode <postponed> (Minor issue; low impact if all
mitigations for TAA and MDS were already previously applied)
[stretch] - intel-microcode <postponed> (Minor issue; low impact if all
mitigations for TAA and MDS were already previously applied)
+ [jessie] - intel-microcode <postponed> (Minor issue; low impact if all
mitigations for TAA and MDS were already previously applied)
NOTE:
https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
CVE-2020-0547
=====================================
data/dla-needed.txt
=====================================
@@ -22,9 +22,6 @@ ibus
NOTE: 20191210: See https://bugs.debian.org/941018
NOTE: 20191210: See https://gitlab.gnome.org/GNOME/glib/merge_requests/1176
--
-intel-microcode
- NOTE: 20200219: Postponed in stretch and buster. We can do the same for
jessie. (ola)
---
jackson-databind
NOTE: 20200105: Can be postponed again. (apo)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da306b850ee1c3feabdca98dbe0fcb0c8cf89cd8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da306b850ee1c3feabdca98dbe0fcb0c8cf89cd8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
