Compare commits

...

No commits in common. "c8" and "c9s" have entirely different histories.
c8 ... c9s

44 changed files with 202 additions and 61 deletions

14
.gitignore vendored
View File

@ -1,7 +1,7 @@
SOURCES/06-2d-07
SOURCES/06-4e-03
SOURCES/06-55-04
SOURCES/06-5e-03
SOURCES/microcode-20190918.tar.gz
SOURCES/microcode-20191115.tar.gz
SOURCES/microcode-20240910.tar.gz
/microcode-20190918.tar.gz
/microcode-20191115.tar.gz
/microcode-20241112.tar.gz
/06-2d-07
/06-4e-03
/06-55-04
/06-5e-03

View File

@ -1,7 +0,0 @@
bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07
06432a25053c823b0e2a6b8e84e2e2023ee3d43e SOURCES/06-4e-03
2e405644a145de0f55517b6a9de118eec8ec1e5a SOURCES/06-55-04
86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03
bc20d6789e6614b9d9f88ee321ab82bed220f26f SOURCES/microcode-20190918.tar.gz
774636f4d440623b0ee6a2dad65260e81208074d SOURCES/microcode-20191115.tar.gz
2815182aa376dba6d534bc087a27fe9f27def1d2 SOURCES/microcode-20240910.tar.gz

View File

@ -10,8 +10,8 @@ behaviour.
General behaviour
=================
In RHEL 8 (as well as RHEL 7 before it), there are currently two main handlers
for CPU microcode update:
In RHEL 9 (as well as in RHEL 7 and RHEL 8 before it), there are currently
two main handlers for CPU microcode update:
* Early microcode update. It uses GenuineIntel.bin or AuthenticAMD.bin file
placed at the beginning of an initramfs image
(/boot/initramfs-KERNEL_VERSION.img, where "KERNEL_VERSION" is a kernel
@ -45,10 +45,10 @@ zero-filled.
The early microcode is placed into initramfs image by the "dracut" script, which
scans the aforementioned subdirectories of the configured list of firmware
directories (by default, the list consists of two directories in RHEL 8,
directories (by default, the list consists of two directories in RHEL 9,
"/lib/firmware/updates" and "/lib/firmware").
In RHEL 8, AMD CPU microcode is shipped as a part of the linux-firmware package,
In RHEL 9, AMD CPU microcode is shipped as a part of the linux-firmware package,
and Intel microcode is shipped as a part of the microcode_ctl package.
The microcode_ctl package currently includes the following:
@ -613,7 +613,7 @@ Mitigation: microcode loading is disabled for the affected CPU model.
Minimum versions of the kernel package that contain the aforementioned patch
series:
- Upstream/RHEL 8: 4.17.0
- Upstream/RHEL 8/RHEL 9: 4.17.0
- RHEL 7.6 onwards: 3.10.0-894
- RHEL 7.5: 3.10.0-862.6.1
- RHEL 7.4: 3.10.0-693.35.1
@ -628,7 +628,7 @@ series:
Early microcode load inside a virtual machine
---------------------------------------------
RHEL 8 kernel supports performing microcode update during early boot stage
RHEL 9 kernel supports performing microcode update during early boot stage
from a cpio archive placed at the beginning of the initramfs image. However,
when an early microcode update is attempted inside some virtualised
environments, that may result in unexpected system behaviour.
@ -643,7 +643,7 @@ Mitigation: early microcode loading is disabled for all CPU models on kernels
without the fix.
Minimum versions of the kernel package that contain the fix:
- Upstream/RHEL 8: 4.10.0
- Upstream/RHEL 8/RHEL 9: 4.10.0
- RHEL 7.6 onwards: 3.10.0-930
- RHEL 7.5: 3.10.0-862.14.1
- RHEL 7.4: 3.10.0-693.38.1

6
gating.yaml Normal file
View File

@ -0,0 +1,6 @@
--- !Policy
product_versions:
- rhel-9
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: kernel-qe.kernel-ci.hardware-microcode_ctl.tier0.functional}

View File

@ -43,25 +43,43 @@ for f in $(grep -E '/intel-ucode.*/[0-9a-f][0-9a-f]-[0-9a-f][0-9a-f]-[0-9a-f][0-
# ext_sig, 12 bytes in size
IFS=' ' read cpuid pf_mask <<- EOF
$(hexdump -s "$skip" -n 8 \
-e '"" 1/4 "%08x " 1/4 "%u" "\n"' "$f")
$(dd if="$f" ibs=1 skip="$skip" count=8 status=none \
| xxd -e -g4 | xxd -r | hexdump -n 8 \
-e '"" 4/1 "%02x" " 0x" 4/1 "%02x" "\n"')
EOF
# Converting values from the constructed %#08x format
pf_mask="$((pf_mask))"
skip="$((skip + 12))"
ext_sig_pos="$((ext_sig_pos + 1))"
else
# Microcode header, 48 bytes, last 3 fields reserved
# cksum, ldrver are ignored
IFS=' ' read hdrver rev \
date_y date_d date_m \
date_m date_d date_y \
cpuid cksum ldrver \
pf_mask datasz totalsz <<- EOF
$(hexdump -s "$skip" -n 36 \
-e '"" 1/4 "%u " 1/4 "%#x " \
1/2 "%04x " 1/1 "%02x " 1/1 "%02x " \
1/4 "%08x " 1/4 "%x " 1/4 "%#x " \
1/4 "%u " 1/4 "%u " 1/4 "%u" "\n"' "$f")
$(dd if="$f" ibs=1 skip="$skip" count=36 status=none \
| xxd -e -g4 | xxd -r | hexdump -n 36 \
-e '"0x" 4/1 "%02x" " 0x" 4/1 "%02x" " " \
1/1 "%02x " 1/1 "%02x " 2/1 "%02x" " " \
4/1 "%02x" " 0x" 4/1 "%02x" " 0x" 4/1 "%02x" \
" 0x" 4/1 "%x" \
" 0x" 4/1 "%02x" " 0x" 4/1 "%02x" "\n"')
EOF
# Converting values from the constructed %#08x format
rev="$(printf '%#x' "$((rev))")"
pf_mask="$((pf_mask))"
datasz="$((datasz))"
totalsz="$((totalsz))"
# Skipping files with unexpected hdrver value
[ 1 = "$((hdrver))" ] || {
echo "$f+$skip@$file_sz: incorrect hdrver $((hdrver))" >&2
break
}
[ 0 != "$datasz" ] || datasz=2000
[ 0 != "$totalsz" ] || totalsz=2048
@ -80,9 +98,12 @@ for f in $(grep -E '/intel-ucode.*/[0-9a-f][0-9a-f]-[0-9a-f][0-9a-f]-[0-9a-f][0-
# ext_sig table header, 20 bytes in size,
# last 3 fields are reserved.
IFS=' ' read ext_sig_cnt <<- EOF
$(hexdump -s "$skip" -n 4 \
-e '"" 1/4 "%u" "\n"' "$f")
$(dd if="$f" ibs=1 skip="$skip" count=4 status=none \
| xxd -e -g4 | hexdump -n 4 \
-e '"0x" 4/1 "%02x" "\n"')
EOF
# Converting values from the constructed format
ext_sig_cnt="$((ext_sig_cnt))"
skip="$((skip + 20))"
else

View File

@ -144,7 +144,7 @@ def read_revs_dir(path, args, src=None, ret=None):
offs = 0
while offs < sz:
f.seek(offs, os.SEEK_SET)
hdr = struct.unpack("IiIIIIIIIIII", f.read(48))
hdr = struct.unpack("<IiIIIIIIIIII", f.read(48))
ret.append({"path": rp, "src": src or path,
"cpuid": hdr[3], "pf": hdr[6], "rev": hdr[1],
"date": hdr[2], "offs": offs, "cksum": hdr[4],
@ -152,7 +152,7 @@ def read_revs_dir(path, args, src=None, ret=None):
if hdr[8] and hdr[8] - hdr[7] > 48:
f.seek(hdr[7], os.SEEK_CUR)
ext_tbl = struct.unpack("IIIII", f.read(20))
ext_tbl = struct.unpack("<IIIII", f.read(20))
log_status("Found %u extended signatures for %s:%#x" %
(ext_tbl[0], rp, offs), level=1)
@ -160,7 +160,7 @@ def read_revs_dir(path, args, src=None, ret=None):
ext_sig_cnt = 0
while cur_offs < offs + hdr[8] \
and ext_sig_cnt <= ext_tbl[0]:
ext_sig = struct.unpack("III", f.read(12))
ext_sig = struct.unpack("<III", f.read(12))
ignore = args.ignore_ext_dups and \
(ext_sig[0] == hdr[3])
if not ignore:

View File

@ -1,5 +1,4 @@
%define intel_ucode_version 20240910
%global debug_package %{nil}
%define intel_ucode_version 20241112
%define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats
%define microcode_ctl_libexec %{_libexecdir}/microcode_ctl
@ -122,10 +121,12 @@ Source1000: gen_provides.sh
Source1001: codenames.list
Source1002: gen_updates2.py
ExclusiveArch: %{ix86} x86_64
BuildArch: noarch
BuildRequires: systemd-units
# hexdump is used in gen_provides.sh
BuildRequires: coreutils util-linux
# dd, hexdump, and xxd are used in gen_provides.sh
BuildRequires: coreutils util-linux /usr/bin/xxd
# gen_updates2.py requires python interpreter
BuildRequires: /usr/bin/python3
Requires: coreutils
Requires(post): systemd coreutils
Requires(preun): systemd coreutils
@ -313,7 +314,7 @@ install -m 644 "%{SOURCE182}" "%{tgl_inst_dir}/disclaimer"
# SUMMARY.intel-ucode generation
# It is to be done only after file population, so, it is here,
# at the end of the install stage
/usr/libexec/platform-python "%{SOURCE1002}" -C "%{SOURCE1001}" \
/usr/bin/python3 "%{SOURCE1002}" -C "%{SOURCE1001}" \
summary -A "%{buildroot}" \
> "%{buildroot}/%{_pkgdocdir}/SUMMARY.intel-ucode"
@ -551,10 +552,123 @@ rm -rf %{buildroot}
%changelog
* Tue Nov 19 2024 Eugene Syromiatnikov <esyr@redhat.com> - 4:20241112-1
- Update Intel CPU microcode to microcode-20241112 release, addresses
CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984 (RHEL-67336):
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0
up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0005c0
up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0005c0 up to 0x2b000603;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0005c0 up to 0x2b000603;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x36 up to 0x37;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x36
up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x36 up to 0x37;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x434 up to 0x435;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x434 up to 0x435;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x434 up to 0x435;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x434
up to 0x435;
- Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1f
up to 0x20;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x129 up
to 0x12b;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4122 up to 0x4123;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4122 up to 0x4123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4122
up to 0x4123;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4122 up to 0x4123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) from revision 0x4122 up to 0x4123;
- Update of 06-ba-08/0xe0 microcode from revision 0x4122 up to 0x4123;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x36 up to 0x37;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x36 up to 0x37;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x36 up to 0x37;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x36 up
to 0x37;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode from revision 0x21000230
up to 0x21000283;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) from revision 0x21000230 up to 0x21000283;
- Update of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) from revision 0x21000230 up to 0x21000283;
- Update of 06-cf-02/0x87 (EMR-SP A1) microcode from revision 0x21000230
up to 0x21000283.
* Mon Sep 23 2024 Eugene Syromiatnikov <esyr@redhat.com> - 4:20240910-1
- Update Intel CPU microcode to microcode-20240910 release, addresses
CVE-2024-23984, CVE-2024-24853, CVE-2024-24968, CVE-2024-24980,
CVE-2024-25939 (RHEL-59081):
CVE-2024-25939 (RHEL-58057):
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb6 up to 0xb8;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
@ -680,8 +794,8 @@ rm -rf %{buildroot}
- Update Intel CPU microcode to microcode-20240531 release, addresses
CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575,
CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733,
CVE-2023-46103, CVE-2023-49141 (RHEL-30859, RHEL-30862, RHEL-30865,
RHEL-30868, RHEL-30871, RHEL-41093, RHEL-41108):
CVE-2023-46103, CVE-2023-49141 (RHEL-30861, RHEL-30864, RHEL-30867,
RHEL-30870, RHEL-30873, RHEL-41094, RHEL-41109):
- Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c;
- Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at
revision 0x4121;
@ -1055,8 +1169,8 @@ rm -rf %{buildroot}
* Thu Aug 10 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-1
- Update Intel CPU microcode to microcode-20230808 release, addresses
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213125, #2223993, #2230678,
#2230690):
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213124, #2223992, #2230677,
#2230689):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
to 0x2007006;
@ -1256,7 +1370,7 @@ rm -rf %{buildroot}
to 0x11 (old pf 0x1).
* Mon Aug 07 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230516-1
- Update Intel CPU microcode to microcode-20230516 release (#2213125):
- Update Intel CPU microcode to microcode-20230516 release (#2213124):
- Addition of 06-be-00/0x01 (ADL-N A0) microcode at revision 0x10;
- Addition of 06-9a-04/0x40 (AZB A0) microcode at revision 0x4;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
@ -1429,19 +1543,19 @@ rm -rf %{buildroot}
* Tue Aug 01 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-4
- Avoid spurious find failures due to calls on directories that may not exist
(#2231065).
(#2225681).
* Wed Jun 28 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-3
- Force locale to C in check_caveats, reload_microcode, and update_ucode
(#2218096).
(#2218104).
* Tue Jun 06 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-2
- Cleanup the dangling symlinks in update_ucode (#2135376).
- Cleanup the dangling symlinks in update_ucode (#2213022).
* Wed Feb 15 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-1
- Update Intel CPU microcode to microcode-20230214 release, addresses
CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171234,
#2171259):
CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171237,
#2171262):
- Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000211;
- Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
0x2b000181;
@ -1617,11 +1731,11 @@ rm -rf %{buildroot}
* Tue Oct 25 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2
- Change the logger severity level to warning to align with the kmsg one
(#2136224).
(#2136506).
* Tue Aug 09 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-1
- Update Intel CPU microcode to microcode-20220510 release, addresses
CVE-2022-21233 (#2115667):
CVE-2022-21233 (#2115663):
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006d05 up
to 0x2006e05;
@ -1684,7 +1798,8 @@ rm -rf %{buildroot}
* Tue May 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220510-1
- Update Intel CPU microcode to microcode-20220510 release, addresses
CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2086743):
CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2090248,
#2090261, #2086751, #2040069):
- Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f;
- Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) at revision 0x1f;
@ -1807,13 +1922,8 @@ rm -rf %{buildroot}
to 0x53.
* Thu Feb 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220207-1
- Update Intel CPU microcode to microcode-20220207 release:
- Fixes in releasenote.md file.
* Mon Feb 07 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220204-1
- Update Intel CPU microcode to microcode-20220204 release, addresses
CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#1971906, #2049543,
#2049554, #2049571):
- Update Intel CPU microcode to microcode-20220207 release, addresses
CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#2053253):
- Removal of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f;
- Removal of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04)
at revision 0xb00000f;
@ -1917,6 +2027,10 @@ rm -rf %{buildroot}
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x40 up
to 0x50.
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4:20210608-2
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jul 05 2021 Eugene Syromiatnikov <esyr@redhat.com> - 4:20210608-1
- Update Intel CPU microcode to microcode-20210608 release (#1921773):
- Fixes in releasenote.md file.

7
sources Normal file
View File

@ -0,0 +1,7 @@
SHA512 (microcode-20190918.tar.gz) = 82e5212238d3e35470d139240d9157877ac252725598ec31bfe1763755681539a4ecdf24e04c4e4270215578a9ca3c063c8fc353accf99999c3d4ac2780a6e0c
SHA512 (microcode-20191115.tar.gz) = 11014c16bde83ac290bc75e458242f5e64b8dffd49de2e938f61f4a09979cd5e80dd1a85d2ccbac067e4398dc3d93ef3583e4aa9b2e545ba46d26e65ec1e2881
SHA512 (microcode-20241112.tar.gz) = de4ddb0a77e17a4a5b6789537cf71db9ab884c795ef5c77b17d3392fda0fbb4d860cc27bcdbd7512d9412d6f934e6771e889be262b20e77433e0f72d3b6cf1f0
SHA512 (06-2d-07) = 631ec8ad8ad3c9b32d9569689f673010d26c13c7cc377d66b8fc5150de52485076d1514ba867dfa4f468889a31d6701cd8a0789d465ad069d98c8ea0f5bd3204
SHA512 (06-4e-03) = 248066b521bf512b5d8e4a8c7e921464ce52169c954d6e4ca580d8c172cd789519e22b4cf56c212e452b4191741f0202019f7061d322c9433b5af9ce5413b567
SHA512 (06-55-04) = db2783cd62680510a7105e7c3fd9d5fffac6a33159ba811f4669f8afb9a5badde4c009bf1868e6a53eb3ac2286812404127bcd45fcbc65fe004788e25ae3e222
SHA512 (06-5e-03) = 7841c1f27b10016943d448f49fc27e88c671cf68015a8d3fb13ef9f45fbe350cef4865389623c57ed655aac1898071b611a7757d9f166bc8e3f706df5247682c