Well 2.7.0 is back with a warning on it. http://www.dell.com/support/article/us/en/19/sln308588/microprocessor-side-channel-vulnerabilities-cve-2017-5715-cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-dell-enterprise-servers-storage-and-networking-?lang=en
On 01/18/2018 12:46 PM, R S wrote:
Dell redacted the 2.7.0 BIOS as there was an issue in the Intel provided microcode: "We have received reports from a few customers of higher system reboots after applying firmware updates. Specifically, these systems are running Intel Broadwell and Haswell CPUs for both client and data center. We are working quickly with these customers to understand, diagnose and address this reboot issue. If this requires a revised firmware update from Intel, we will distribute that update through the normal channels. We are also working directly with data center customers to discuss the issue."sources:https://newsroom.intel.com/news/intel-security-issue-update-addressing-reboot-issues (2018-01-11)http://www.dell.com/support/article/us/en/04/sln308588/microprocessor-side-channel-vulnerabilities-cve-2017-5715-cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-dell-enterprise-servers-storage-and-networking-On Thu, Jan 18, 2018 at 3:22 AM, Guillaume Courtois <[email protected] <mailto:[email protected]>> wrote:Hi guys, It seems like the repo is updated now : http://linux.dell.com/repo/hardware/dsu/ <http://linux.dell.com/repo/hardware/dsu/> but I don't see the new BIOS, at least the one for R630 / R730 servers : it is listed in the changelog : http://linux.dell.com/repo/hardware/dsu/changelog.html <http://linux.dell.com/repo/hardware/dsu/changelog.html> R730 BIOS New : BIOS_78R68_LN_2.7.0.BIN Old : BIOS_KGTJ5_LN_2.6.0.BIN There is no file named BIOS_78R68_LN_2.7.0*.rpm in the repo : http://linux.dell.com/repo/hardware/dsu/os_independent/noarch/ <http://linux.dell.com/repo/hardware/dsu/os_independent/noarch/> but there is still the old BIOS file in the file BIOS_KGTJ5_LN_2.6.0-2.6.0-18.01.00.noarch.rpm So, is it a problem with my company's internet proxy, or on your side ? Bye. Le 10/01/2018 07:30, [email protected] <mailto:[email protected]> a écrit : Dell - Internal Use - Confidential We are in the process of churning the DSU repository, it will be made available as soon as possible. Thanks, Kalyan. -----Original Message----- From: linux-poweredge-bounces-Lists On Behalf Of Kilian Cavalotti Sent: 08 January 2018 21:27 To: Ponnandi, Soorej <[email protected]> Cc: linux-poweredge-Lists <[email protected] <mailto:[email protected]>> Subject: Re: [Linux-PowerEdge] dsu woes On Mon, Jan 8, 2018 at 1:43 AM, <[email protected] <mailto:[email protected]>> wrote: The DSU repository is refreshed once in every month. I believe the BIOS v2.7.0 was released couple of days back. The next DSU repository with this latest BIOS update will be available by end of next week. Oh come on, seriously? Don't you guys think that the current situation is serious enough to warrant a repository update a bit sooner? I mean, even Microsoft released their patches out of their usual Patch Tuesday release cycle. Please don't invoke quality control or any kind of testing, we all know here from experience that it's not DSU's strong suit... It's especially damning because here, DSU is trying to revert an updated BIOS to a vulnerable version. It's both insulting when sysadmins took care of manually updating the BIOS, and just awkward for brand new servers that are delivered with up-to-date firmware. In that specific case, DSU does not just cause annoyances or mere technical issues, it actually makes server vulnerable (again!) to the most serious security issue the industry faced in years, which should be treated with the utmost importance by the DSU engineering teams, not dismissed as yet another regular firmware update. Message to Dell management: do you guys have any plans to make your server firmware management tools usable again? Right now, they're a liability to both your customers and your brand. Please let us know when you finally decide to address the year-long outstanding issues with that "tool", whereas they're out-of-date firmware in the repository, month-long delays to fix reported issues, or just plain broken behavior, and we'll consider buying Dell servers again. Cheers, -- Kilian _______________________________________________ Linux-PowerEdge mailing list [email protected] <mailto:[email protected]> https://lists.us.dell.com/mailman/listinfo/linux-poweredge <https://lists.us.dell.com/mailman/listinfo/linux-poweredge> _______________________________________________ Linux-PowerEdge mailing list [email protected] <mailto:[email protected]> https://lists.us.dell.com/mailman/listinfo/linux-poweredge <https://lists.us.dell.com/mailman/listinfo/linux-poweredge> _______________________________________________ Linux-PowerEdge mailing list [email protected] <mailto:[email protected]> https://lists.us.dell.com/mailman/listinfo/linux-poweredge <https://lists.us.dell.com/mailman/listinfo/linux-poweredge> -- Tech III * AppControl * Endpoint Protection * Server Maintenance Buncombe County Schools Technology Department Network Group ComicSans Awareness Campaign <http://comicsanscriminal.com> _______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
<<attachment: boutilpj.vcf>>
_______________________________________________ Linux-PowerEdge mailing list [email protected] https://lists.us.dell.com/mailman/listinfo/linux-poweredge
