[Git][security-tracker-team/security-tracker][master] Mark amd64-microcode as no-dsa and drop from dsa-needed list

Salvatore Bonaccorso carnil at debian.org
Fri Mar 13 18:00:13 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c9dda41 by Salvatore Bonaccorso at 2020-03-13T18:58:59+01:00
Mark amd64-microcode as no-dsa and drop from dsa-needed list

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -171222,6 +171222,7 @@ CVE-2017-5715 (Systems with microprocessors utilizing speculative execution and
 	[stretch] - intel-microcode 3.20180425.1~deb9u1
 	[jessie] - intel-microcode 3.20180425.1~deb8u1
 	- amd64-microcode 3.20180515.1
+	[stretch] - amd64-microcode <no-dsa> (Can be fixed via point release)
 	NOTE: https://spectreattack.com/
 	NOTE: https://xenbits.xen.org/xsa/advisory-254.html
 	NOTE: https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html


=====================================
data/dsa-needed.txt
=====================================
@@ -11,13 +11,6 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
---
-amd64-microcode/oldstable (Anton Gladky)
-  NOTE: 20200224: Missing IBPB feature for Spectre variant 2 mitigation
-  NOTE: 20200224: (stretch only).  (Kernel support was added in 2018.)
-  NOTE: 20200224: The maintainer says version 3.20191218.1 can be
-  NOTE: 20200224: backported to all stable releases.
-  NOTE: 20200312: updated package is in testing phase
 --
 bluez (carnil)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c9dda4132363fd5b169a3aad5fec48a4e4d2f72

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c9dda4132363fd5b169a3aad5fec48a4e4d2f72
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200313/ee78742f/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list