[Git][security-tracker-team/security-tracker][master] Reserve DLA-3964-1 for intel-microcode
Tobias Frost (@tobi)
tobi at debian.org
Sun Nov 24 14:35:34 GMT 2024
Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5abcc6db by Tobias Frost at 2024-11-24T15:35:23+01:00
Reserve DLA-3964-1 for intel-microcode
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -20528,14 +20528,12 @@ CVE-2024-8096 (When curl is told to use the Certificate Status Request TLS exten
CVE-2024-24968 (Improper finite state machines (FSMs) in hardware logic in some Intel( ...)
- intel-microcode 3.20240910.1 (bug #1081363)
[bookworm] - intel-microcode 3.20240910.1~deb12u1
- [bullseye] - intel-microcode <postponed> (Minor issue)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240910
NOTE: Got updated once more in https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-23984 (Observable discrepancy in RAPL interface for some Intel(R) Processors ...)
- intel-microcode 3.20240910.1 (bug #1081363)
[bookworm] - intel-microcode 3.20240910.1~deb12u1
- [bullseye] - intel-microcode <postponed> (Minor issue)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240910
NOTE: Got updated once more in https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[24 Nov 2024] DLA-3964-1 intel-microcode - security update
+ {CVE-2024-23984 CVE-2024-24968}
+ [bullseye] - intel-microcode 3.20240910.1~deb11u1
[23 Nov 2024] DLA-3963-1 ansible - security update
{CVE-2024-8775 CVE-2024-9902}
[bullseye] - ansible 2.10.7+merged+base+2.10.17+dfsg-0+deb11u2
=====================================
data/dla-needed.txt
=====================================
@@ -105,10 +105,6 @@ glewlwyd (Thorsten Alteholz)
NOTE: 20240815: pu scheduled https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1007884
NOTE: 20241118: testing package
--
-intel-microcode (tobi)
- NOTE: 20241103: Added by Front-Desk (pochu)
- NOTE: 20241103: work prepared for bullseye-pu in #1086602, coordinate with maintainer (pochu)
---
jetty9 (Markus Koschany)
NOTE: 20241110: Added by Front-Desk (apo)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5abcc6dbae08eeca6e88e3e261ee7e0ab671eb63
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5abcc6dbae08eeca6e88e3e261ee7e0ab671eb63
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241124/131c8970/attachment.htm>
More information about the debian-security-tracker-commits
mailing list