On 3 December 2014 at 11:30, Henrique de Moraes Holschuh <[email protected]> wrote: > I am the Debian upstream for both packages (intel-microcode and iucode- > tool), and upstream author for iucode-tool. > > Thank you for the kind comments on iucode-tool :-) > > As for intel-microcode, you guys are dealing with an outdated package > version. The new one in Debian addresses the Haswell microcode update > issue by switching to enforced early initramfs mode updates... > > This simplified the packaging a lot, but it also means there were > extensive changes to all scripts, so the intel-microcode security > analysis likely needs to be redone when you resync with Debian. > > Also, the intel-microcode package version you're considering can be a > hazard when dealing with Intel microcode updates with visible effects at > the ISA level, like the Haswell "disable TSX" microcode update. It can > result in an unusable system, as your QA team found out, which forced > you guys to revert to the previous Intel microcode update data. > > The newer version of intel-microcode in Debian enforces the safe use of > early microcode updates, which allows the use of Intel microcode update > data 20140913 and newer. You should consider a resync as soon as > pratical. >
Right, this was pointed out to me. I'll make sure the updated package is merged in properly before proceeding with this. -- Regards, Dimitri. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1388889 Title: [MIR] intel-microcode & iucode-tool (multiverse -> restricted) To manage notifications about this bug go to: https://bugs.launchpad.net/intel/+bug/1388889/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
