[Secure-testing-team] intel-microcode: Spectre / Meltdown : bring intel-microcode 20180104 to stretch
Julien Aubin
julien.aubin at gmail.com
Sat Jan 20 19:08:31 UTC 2018
Package: intel-microcode
Version: 3.20171117.1~bpo9+1
Severity: critical
Tags: security
Justification: root security hole
Hi,
As of now intel-microcode of stretch is still set to 20170707 (20171117
through
bpo) which lets users vulnerable to Spectre attack CVE-2017-5715. Could you
please bring quickly the microcode update to stretch, at least on bpo ?
Thanks a lot
-- System Information:
Debian Release: 9.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-5-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages intel-microcode depends on:
ii iucode-tool 2.1.1-1
Versions of packages intel-microcode recommends:
ii initramfs-tools 0.130
intel-microcode suggests no packages.
-- no debconf information
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20180120/7e6dfafb/attachment.html>
More information about the Secure-testing-team
mailing list