[Git][security-tracker-team/security-tracker][master] Reserve DLA-3379-1 for intel-microcode

Tobias Frost (@tobi) tobi at debian.org
Sat Apr 1 09:48:09 BST 2023



Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a962697e by Tobias Frost at 2023-04-01T10:47:53+02:00
Reserve DLA-3379-1 for intel-microcode

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -92114,7 +92114,6 @@ CVE-2022-21795
 CVE-2022-21233 (Improper isolation of shared resources in some Intel(R) Processors may ...)
 	- intel-microcode 3.20220809.1
 	[bullseye] - intel-microcode <no-dsa> (Minor issue, only impacts SGX)
-	[buster] - intel-microcode <no-dsa> (Minor issue, only impacts SGX)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220809
 CVE-2022-21128 (Insufficient control flow management in the Intel(R) Advisor software  ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Apr 2023] DLA-3379-1 intel-microcode - security update
+	{CVE-2022-21216 CVE-2022-21233 CVE-2022-33196 CVE-2022-33972 CVE-2022-38090}
+	[buster] - intel-microcode 3.20230214.1~deb10u1
 [01 Apr 2023] DLA-3378-1 duktape - security update
 	{CVE-2021-46322}
 	[buster] - duktape 2.3.0-1+deb10u1


=====================================
data/dla-needed.txt
=====================================
@@ -116,13 +116,6 @@ hdf5
   NOTE: 20230318: Enrico did some work around hdf5* packaging in the past, probably
   NOTE: 20230318: sync w/ him. (utkarsh)
 --
-intel-microcode (tobi)
-  NOTE: 20230219: Programming language: Binary blob.
-  NOTE: 20230219: VCS: https://salsa.debian.org/lts-team/packages/intel-microcode.git
-  NOTE: 20230310: will first fix unstable and stable, then proceed with LTS and ELTS, using the same new upstream version. (tobi)
-  NOTE: 20230312: uploaded to DELAYED/5 for unstable.
-  NOTE: 20230317: now in unstable. prepared SPU for bullseye (#1033079), prepared update for buster, stretch and jessie, available in LTS repo. (tobi)
---
 linux (Ben Hutchings)
   NOTE: 20230111: Programming language: C
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a962697e56053f652b122508b6c34c8942152fc7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a962697e56053f652b122508b6c34c8942152fc7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230401/868789a4/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list