[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Changed in: microcode.ctl (Debian) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/569488 Title: update-intel-microcode does not find latest available microcode update To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/microcode.ctl/+bug/569488/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Branch linked: lp:ubuntu/microcode.ctl -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/569488 Title: update-intel-microcode does not find latest available microcode update To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/microcode.ctl/+bug/569488/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
> I've heard about 'Do not eval() code from the Internet'", but there are > not such eval and unsecure things. Those were modifications I made to the first python version of this script, which used eval instead of a json parser. See the patch above. -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
Re: [Bug 569488] Re: update-intel-microcode does not find latest available microcode update
On 11.08.2010 09:27, Moritz Naumann wrote: > Since this package is currently broken in Lucid (10.04), which is a > https://wiki.ubuntu.com/LTS release, and since this update also fixes a > possible security issue (as Stefano pointed out in his 'Do not eval() > code from the Internet' changelog statement), I would assume this > qualifies for https://wiki.ubuntu.com/StableReleaseUpdates and would > appreciate one taking place. I've heard about 'Do not eval() code from the Internet'", but there are not such eval and unsecure things. The shell code was designed to be safe, and I've not yet seen problems. It do the same things as the python code, probably using the same code (C library to do the core things), with the same security. BTW I plan to push the ubuntu python code also in Debian package, and asking for a unblock (python code is somewhat more manageable than shell, considering that Intel cannot really have a stable method to release new firmware). PS: and done correctly, e.g. the ubuntu patch lacked of python dependency. ciao cate -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
Actually the 'Do not eval() code from the Internet' changelog statement refers to a previous version of this patch, not to the version currently in Lucid, sorry. -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
Since this package is currently broken in Lucid (10.04), which is a https://wiki.ubuntu.com/LTS release, and since this update also fixes a possible security issue (as Stefano pointed out in his 'Do not eval() code from the Internet' changelog statement), I would assume this qualifies for https://wiki.ubuntu.com/StableReleaseUpdates and would appreciate one taking place. -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Branch linked: lp:ubuntu/microcode.ctl -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
This bug was fixed in the package microcode.ctl - 1.17-13ubuntu1 --- microcode.ctl (1.17-13ubuntu1) maverick; urgency=low [ Daniel J Blueman ] * Rewrote update-intel-microcode script to robustly parse and download updated microcode correctly (LP: #569488) [ Stefano Rivera ] * update-intel-microcode: Do not eval() code from the Internet, and use Python's built in tarfile library rather than a temporary directory. * debian/microcode.ctl.init: Depend on $remote_fs. -- Daniel J BluemanWed, 12 May 2010 14:10:06 +0100 ** Changed in: microcode.ctl (Ubuntu) Status: Fix Committed => Fix Released -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
Uploaded. Seems like a reasonable candidate for an SRU (if we care about multiverse that much) ** Changed in: microcode.ctl (Ubuntu) Status: Incomplete => Fix Committed ** Changed in: microcode.ctl (Ubuntu) Assignee: Daniel J Blueman (daniel-blueman) => (unassigned) -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
Hi Stefano - your changes are indeed good and resolve the potential security problem of using eval, which I don't like either. Thanks for the help! Daniel -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Tags added: patch -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Patch added: "Debdiff, version 2" http://launchpadlibrarian.net/50928638/microcode.ctl_1.17-13ubuntu1-2.debdiff -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
I can't say I'm mad about eval()ing data from a web site, as root. Also, rename won't work across mounts, why not just use the Python tarfile module? Lintian threw a remote_fs error on build. How's this patch? ** Changed in: microcode.ctl (Ubuntu) Status: In Progress => Incomplete ** Changed in: microcode.ctl (Ubuntu) Assignee: Stefano Rivera (stefanor) => Daniel J Blueman (daniel-blueman) -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Changed in: microcode.ctl (Ubuntu) Status: Confirmed => In Progress ** Changed in: microcode.ctl (Ubuntu) Assignee: Daniel J Blueman (daniel-blueman) => Stefano Rivera (stefanor) -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Changed in: microcode.ctl (Debian) Status: Unknown => New -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Bug watch added: Debian Bug tracker #571408 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571408 ** Also affects: microcode.ctl (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=571408 Importance: Unknown Status: Unknown -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Changed in: microcode.ctl (Ubuntu) Status: Fix Committed => Confirmed -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Changed in: microcode.ctl (Ubuntu) Assignee: (unassigned) => Daniel J Blueman (daniel-blueman) ** Patch added: "Updated intel-microcode-update script to robustly parse and download microcode" http://launchpadlibrarian.net/48331483/microcode.ctl_1.17-13ubuntu1.debdiff ** Changed in: microcode.ctl (Ubuntu) Status: New => Fix Committed -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
This very dirty bash snippet works (currently): #!/bin/sh JSON=$(wget -qO- 'http://downloadcenter.intel.com/JSONDataProvider.aspx?sort=Date&sortDir=descending&Hits=1&keyword="Linux microcode "&lang=eng&refresh=filters&dataType=json') VERSION=$(echo $JSON | sed 's/^.*,"version":"\([^"]*\).*$/\1/') DOWNLOADID=$(echo $JSON |sed 's/^.*,"downloadid":"\([^"]*\).*$/\1/') wget "http://downloadmirror.intel.com/${DOWNLOADID}/eng/microcode-${VERSION}.tgz"; It's obviously incorrect to run sed on serialized data, though. And this example will fail on marginal changes. Better ways of parsing JSON (such as using python) are discussed at http://stackoverflow.com/questions/1955505/parsing-json-with-sed-and-awk -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
cf. https://lists.ubuntu.com/archives/kernel-team/2010-March/009496.html -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 569488] Re: update-intel-microcode does not find latest available microcode update
** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/45204520/Dependencies.txt ** Attachment added: "XsessionErrors.txt" http://launchpadlibrarian.net/45204521/XsessionErrors.txt -- update-intel-microcode does not find latest available microcode update https://bugs.launchpad.net/bugs/569488 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs