Public bug reported: ## FFE ##
amd64-microcode contains binaries distributed from the upstream linux-firmware repository[1]. Version 20250708 fixes CVE-2024-36350 and CVE-2024-36357, both for AMD TSA[2] and it is being updated across most of the releases, and to avoid possible upgrade interruptions, we would need to have the devel release also updated to this newer version. At this stage, supported releases are in the security-proposed pocket[3]. The idea is: if approved, a rebased version on top of the version in the archive proposed[4] can get sponsored by a security team member including this LP Bug on the debian/changelog. ### Testing Done ### Questing update was tested with a local build using AMD machines available in testflinger running the QRT test for this package[5] [1]: https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/amd-ucode?id=331eac9144402d6cfa02ff3b2888a40bb9a7a01a [2]: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7029.html [3]: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages?field.name_filter=amd64-microcode&field.status_filter=published&field.series_filter= [4]: https://launchpad.net/ubuntu/+source/amd64-microcode/3.20250311.1ubuntu3 ** Affects: amd64-microcode (Ubuntu) Importance: Undecided Status: New ** Summary changed: - [FFe] Update to upstream version 20250708 + [FFe] Update amd64-microcode to upstream version 20250708 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2120893 Title: [FFe] Update amd64-microcode to upstream version 20250708 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amd64-microcode/+bug/2120893/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
