lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20190620064132.3fgfy4vwpb7j4z5q@seger.debian.org>
Date: Thu, 20 Jun 2019 06:41:32 +0000
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 4447-2] intel-microcode security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4447-2                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
Jun 20, 2019                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : intel-microcode
CVE ID         : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
                 CVE-2019-11091

DSA 4447-1 shipped updated CPU microcode for most types of Intel CPUs as
mitigations for the MSBDS, MFBDS, MLPDS and MDSUM hardware vulnerabilities.

This update provides additional support for some Sandybridge server
and Core-X CPUs which were not covered in the original May microcode
release. For a list of specific CPU models now supported please refer
to the entries listed under CPUID 206D6 and 206D7 at
https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf

For the stable distribution (stretch), these problems have been fixed in
version 3.20190618.1~deb9u1.

We recommend that you upgrade your intel-microcode packages.

For the detailed security status of intel-microcode please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/intel-microcode

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl0LKeoACgkQEMKTtsN8
TjZNtxAAi0dfmsv3xJXYXa/UIG7ayCCdywg7bfYUIFh7eaz5K9IUdq1RRea+qPsd
BKzBaWDDGl6+YyZJibFD+JYjrxvHOEWtVrJPuoco2Z34nKkEJDieoFtQjjeZ61ik
S9iT2zWnTQa+VixIdJuYBS9z1Rakf58SU/IpNKxZ33eaJ+isAe9KQLO0OyD/d9qN
x56EQyAmSOx44IrzkHegIchFNaV2fvScoJ1kVg21FMKWi96P4GTU7jw2UWzNepVs
6yrXfTSaPWUbSg93D24i0FXVce9m35OP7SosdkIyDU5fRfHGxTPxDFnXa2PmY71j
uBniE6oUe75Fh9tZpNCQoL9e08463pZjjETcTBxMKYF+Q9/3OwIeRfYCd39gLlsP
H3GNW8bLzxrntWquRazthkvfkTP+H9QG7E3ibeR/YX7l2aS5p8e6fs2OP57g3NCI
ZJPrhrPstYJ6NhESUVi2N/QAiaOj4pBsel8bvIKyanGvWcNkonM5FV4tjfXm0GHx
ZfIiBANF5aLh/pAkd5uDzxyH5xKhM/F0FRlDyqHjb2BuyoG3B2GLe2lXgkIhAR20
JmbPk9S/d15GNC9ndr+XFOkU6+IDgC7glSf0PLuRli7db6u6US1Ch+cS4k5mTzWS
7/Run+QoeSzZjIBvF6aamMZfWxISOHyvV+5b/cWGbfX4wqyppHQ=
=VGab
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ