[Git][security-tracker-team/security-tracker][master] postpone intel-microcode issues on jessie
Emilio Pozuelo Monfort
pochu at debian.org
Thu Feb 20 09:57:25 GMT 2020
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
da306b85 by Emilio Pozuelo Monfort at 2020-02-20T10:56:52+01:00
postpone intel-microcode issues on jessie
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -23264,6 +23264,7 @@ CVE-2020-0549 (Cleanup errors in some data cache evictions for some Intel(R) Pro
- intel-microcode <unfixed>
[buster] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
[stretch] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
+ [jessie] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
NOTE: https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling
NOTE: https://cacheoutattack.com/
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
@@ -23271,6 +23272,7 @@ CVE-2020-0548 (Cleanup errors in some Intel(R) Processors may allow an authentic
- intel-microcode <unfixed>
[buster] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
[stretch] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
+ [jessie] - intel-microcode <postponed> (Minor issue; low impact if all mitigations for TAA and MDS were already previously applied)
NOTE: https://software.intel.com/security-software-guidance/software-guidance/vector-register-sampling
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html
CVE-2020-0547
=====================================
data/dla-needed.txt
=====================================
@@ -22,9 +22,6 @@ ibus
NOTE: 20191210: See https://bugs.debian.org/941018
NOTE: 20191210: See https://gitlab.gnome.org/GNOME/glib/merge_requests/1176
--
-intel-microcode
- NOTE: 20200219: Postponed in stretch and buster. We can do the same for jessie. (ola)
---
jackson-databind
NOTE: 20200105: Can be postponed again. (apo)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/da306b850ee1c3feabdca98dbe0fcb0c8cf89cd8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/da306b850ee1c3feabdca98dbe0fcb0c8cf89cd8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200220/bfc9beda/attachment.html>
More information about the debian-security-tracker-commits
mailing list