.gitignore

@@ -1,9 +1,7 @@
-SOURCES/06-2d-07
-SOURCES/06-4e-03
-SOURCES/06-55-04
-SOURCES/06-55-06
-SOURCES/06-5e-03
-SOURCES/06-8f-08
-SOURCES/microcode-20190918.tar.gz
-SOURCES/microcode-20191115.tar.gz
-SOURCES/microcode-20250812.tar.gz
+/microcode-*.tar.gz
+/06-2d-07
+/06-4e-03
+/06-55-04
+/06-55-06
+/06-5e-03
+/06-8f-08

.microcode_ctl.metadata

@@ -1,9 +0,0 @@
-bcf2173cd3dd499c37defbc2533703cfa6ec2430 SOURCES/06-2d-07
-06432a25053c823b0e2a6b8e84e2e2023ee3d43e SOURCES/06-4e-03
-2e405644a145de0f55517b6a9de118eec8ec1e5a SOURCES/06-55-04
-01a4238bf65e14179cfc1bc592cce0666306e217 SOURCES/06-55-06
-86c60ee7d5d0d7115a4962c1c61ceecb0fd3a95a SOURCES/06-5e-03
-adf8b6aa2718ff16f3d19d34ec389270073d2b5e SOURCES/06-8f-08
-bc20d6789e6614b9d9f88ee321ab82bed220f26f SOURCES/microcode-20190918.tar.gz
-774636f4d440623b0ee6a2dad65260e81208074d SOURCES/microcode-20191115.tar.gz
-8ea689fb524531a4fa84a1830090d8c4bdb6162b SOURCES/microcode-20250812.tar.gz

0016-releasenote.md-use-new-lines-consistently.patch

@@ -19,14 +19,6 @@ diff --git a/releasenote.md b/releasenote.md
 index 0cdfa20..3c700b5 100644
 --- a/releasenote.md
 +++ b/releasenote.md
-@@ -156,6 +156,7 @@
- |:---------------|:---------|:------------|:---------|:---------|:---------
- | CFL-H/S        | P0       | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9
- 
-+
- ## [microcode-20241112](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112)
- 
- ### Purpose
 @@ -164,6 +165,7 @@
  - Security updates for [INTEL-SA-01079](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html)
  - Updated security updates for [INTEL-SA-01097](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html)

0017-releasenote.md-add-information-about-removal-of-CLX-.patch

@@ -31,7 +31,7 @@ index 3c700b5..d42e9ad 100644
 +| CLX-SP         | B0       | 06-55-06/bf | 04003605 |          | Xeon Scalable Gen2
 +| EMR-SP         | A0       | 06-cf-01/87 | 21000291 |          | Xeon Scalable Gen5
 +
- 
+ # Release Notes
  ## [microcode-20250211](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211)
  
 -- 

0101-releasenote.md-drop-Removed-Platforms-from-microcode.patch

@@ -17,7 +17,7 @@ diff --git a/releasenote.md b/releasenote.md
 index d42e9ad..e46f6f0 100644
 --- a/releasenote.md
 +++ b/releasenote.md
-@@ -85,13 +85,6 @@
+@@ -188,13 +188,6 @@
  | TWL            | N0       | 06-be-00/19 | 0000001c | 0000001d | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
  | WHL-U          | V0       | 06-8e-0c/94 | 000000fc | 00000100 | Core Gen8 Mobile
  
@@ -28,10 +28,10 @@ index d42e9ad..e46f6f0 100644
 -| CLX-SP         | B0       | 06-55-06/bf | 04003605 |          | Xeon Scalable Gen2
 -| EMR-SP         | A0       | 06-cf-01/87 | 21000291 |          | Xeon Scalable Gen5
 -
- 
+ # Release Notes
  ## [microcode-20250211](https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250211)
  
-@@ -149,14 +142,6 @@
+@@ -252,14 +245,6 @@
  | SPR-SP         | E5/S3    | 06-8f-08/87 | 2b000603 | 2b000620 | Xeon Scalable Gen4
  | TWL            | N0       | 06-be-00/19 | 0000001a | 0000001c | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
  

06-8f-08_config

@@ -1,5 +1,5 @@
 model GenuineIntel 06-8f-08
-path intel-ucode/06-87-08
+path intel-ucode/06-8f-08
 ## A possible way to disable 0x2b000603 and newer microcode on SPR-EE by default
 ## Based on https://cdrdv2.intel.com/v1/dl/getcontent/772415
 ## and https://cdrdv2.intel.com/v1/dl/getcontent/784461

README.caveats

@@ -10,8 +10,8 @@ behaviour.
 
 General behaviour
 =================
-In RHEL 8 (as well as RHEL 7 before it), there are currently two main handlers
-for CPU microcode update:
+In RHEL 9 (as well as in RHEL 7 and RHEL 8 before it), there are currently
+two main handlers for CPU microcode update:
  * Early microcode update. It uses GenuineIntel.bin or AuthenticAMD.bin file
    placed at the beginning of an initramfs image
    (/boot/initramfs-KERNEL_VERSION.img, where "KERNEL_VERSION" is a kernel
@@ -45,10 +45,10 @@ zero-filled.
 
 The early microcode is placed into initramfs image by the "dracut" script, which
 scans the aforementioned subdirectories of the configured list of firmware
-directories (by default, the list consists of two directories in RHEL 8,
+directories (by default, the list consists of two directories in RHEL 9,
 "/lib/firmware/updates" and "/lib/firmware").
 
-In RHEL 8, AMD CPU microcode is shipped as a part of the linux-firmware package,
+In RHEL 9, AMD CPU microcode is shipped as a part of the linux-firmware package,
 and Intel microcode is shipped as a part of the microcode_ctl package.
 
 The microcode_ctl package currently includes the following:
@@ -613,7 +613,7 @@ Mitigation: microcode loading is disabled for the affected CPU model.
 
 Minimum versions of the kernel package that contain the aforementioned patch
 series:
- - Upstream/RHEL 8: 4.17.0
+ - Upstream/RHEL 8/RHEL 9: 4.17.0
  - RHEL 7.6 onwards:  3.10.0-894
  - RHEL 7.5:  3.10.0-862.6.1
  - RHEL 7.4:  3.10.0-693.35.1
@@ -628,7 +628,7 @@ series:
 
 Early microcode load inside a virtual machine
 ---------------------------------------------
-RHEL 8 kernel supports performing microcode update during early boot stage
+RHEL 9 kernel supports performing microcode update during early boot stage
 from a cpio archive placed at the beginning of the initramfs image.  However,
 when an early microcode update is attempted inside some virtualised
 environments, that may result in unexpected system behaviour.
@@ -643,7 +643,7 @@ Mitigation: early microcode loading is disabled for all CPU models on kernels
 without the fix.
 
 Minimum versions of the kernel package that contain the fix:
- - Upstream/RHEL 8: 4.10.0
+ - Upstream/RHEL 8/RHEL 9: 4.10.0
  - RHEL 7.6 onwards: 3.10.0-930
  - RHEL 7.5: 3.10.0-862.14.1
  - RHEL 7.4: 3.10.0-693.38.1

gating.yaml

@@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: kernel-qe.kernel-ci.hardware-microcode_ctl.tier0.functional}

gen_provides.sh

@@ -43,25 +43,43 @@ for f in $(grep -E '/intel-ucode.*/[0-9a-f][0-9a-f]-[0-9a-f][0-9a-f]-[0-9a-f][0-
 
 			# ext_sig, 12 bytes in size
 			IFS=' ' read cpuid pf_mask <<- EOF
-			$(hexdump -s "$skip" -n 8 \
-				-e '"" 1/4 "%08x " 1/4 "%u" "\n"' "$f")
+			$(dd if="$f" ibs=1 skip="$skip" count=8 status=none \
+				| xxd -e -g4 | xxd -r | hexdump -n 8 \
+				-e '"" 4/1 "%02x" " 0x" 4/1 "%02x" "\n"')
 			EOF
+			# Converting values from the constructed %#08x format
+			pf_mask="$((pf_mask))"
 
 			skip="$((skip + 12))"
 			ext_sig_pos="$((ext_sig_pos + 1))"
 		else
 			# Microcode header, 48 bytes, last 3 fields reserved
+			# cksum, ldrver are ignored
 			IFS=' ' read hdrver rev \
-			       date_y date_d date_m \
+			       date_m date_d date_y \
 			       cpuid cksum ldrver \
 			       pf_mask datasz totalsz <<- EOF
-			$(hexdump -s "$skip" -n 36 \
-				-e '"" 1/4 "%u " 1/4 "%#x " \
-			               1/2 "%04x " 1/1 "%02x " 1/1 "%02x " \
-				       1/4 "%08x " 1/4 "%x " 1/4 "%#x " \
-				       1/4 "%u " 1/4 "%u " 1/4 "%u" "\n"' "$f")
+			$(dd if="$f" ibs=1 skip="$skip" count=36 status=none \
+				| xxd -e -g4 | xxd -r | hexdump -n 36 \
+				-e '"0x" 4/1 "%02x" " 0x" 4/1 "%02x" " " \
+			               1/1 "%02x " 1/1 "%02x " 2/1 "%02x" " " \
+				       4/1 "%02x" " 0x" 4/1 "%02x" " 0x" 4/1 "%02x" \
+				       " 0x" 4/1 "%x" \
+				       " 0x" 4/1 "%02x" " 0x" 4/1 "%02x" "\n"')
 			EOF
 
+			# Converting values from the constructed %#08x format
+			rev="$(printf '%#x' "$((rev))")"
+			pf_mask="$((pf_mask))"
+			datasz="$((datasz))"
+			totalsz="$((totalsz))"
+
+			# Skipping files with unexpected hdrver value
+			[ 1 = "$((hdrver))" ] || {
+				echo "$f+$skip@$file_sz: incorrect hdrver $((hdrver))" >&2
+				break
+			}
+
 			[ 0 != "$datasz" ] || datasz=2000
 			[ 0 != "$totalsz" ] || totalsz=2048
 
@@ -80,9 +98,12 @@ for f in $(grep -E '/intel-ucode.*/[0-9a-f][0-9a-f]-[0-9a-f][0-9a-f]-[0-9a-f][0-
 				# ext_sig table header, 20 bytes in size,
 				# last 3 fields are reserved.
 				IFS=' ' read ext_sig_cnt  <<- EOF
-				$(hexdump -s "$skip" -n 4 \
-					-e '"" 1/4 "%u" "\n"' "$f")
+				$(dd if="$f" ibs=1 skip="$skip" count=4 status=none \
+					| xxd -e -g4 | hexdump -n 4 \
+					-e '"0x" 4/1 "%02x" "\n"')
 				EOF
+				# Converting values from the constructed format
+				ext_sig_cnt="$((ext_sig_cnt))"
 
 				skip="$((skip + 20))"
 			else

gen_updates2.py

@@ -144,7 +144,7 @@ def read_revs_dir(path, args, src=None, ret=None):
                 offs = 0
                 while offs < sz:
                     f.seek(offs, os.SEEK_SET)
-                    hdr = struct.unpack("IiIIIIIIIIII", f.read(48))
+                    hdr = struct.unpack("<IiIIIIIIIIII", f.read(48))
                     ret.append({"path": rp, "src": src or path,
                                 "cpuid": hdr[3], "pf": hdr[6], "rev": hdr[1],
                                 "date": hdr[2], "offs": offs, "cksum": hdr[4],
@@ -152,7 +152,7 @@ def read_revs_dir(path, args, src=None, ret=None):
 
                     if hdr[8] and hdr[8] - hdr[7] > 48:
                         f.seek(hdr[7], os.SEEK_CUR)
-                        ext_tbl = struct.unpack("IIIII", f.read(20))
+                        ext_tbl = struct.unpack("<IIIII", f.read(20))
                         log_status("Found %u extended signatures for %s:%#x" %
                                    (ext_tbl[0], rp, offs), level=1)
 
@@ -160,7 +160,7 @@ def read_revs_dir(path, args, src=None, ret=None):
                         ext_sig_cnt = 0
                         while cur_offs < offs + hdr[8] \
                                 and ext_sig_cnt <= ext_tbl[0]:
-                            ext_sig = struct.unpack("III", f.read(12))
+                            ext_sig = struct.unpack("<III", f.read(12))
                             ignore = args.ignore_ext_dups and \
                                 (ext_sig[0] == hdr[3])
                             if not ignore:

microcode_ctl.spec

@@ -1,5 +1,4 @@
-%define intel_ucode_version 20250812
-%global debug_package %{nil}
+%define intel_ucode_version 20251111
 
 %define caveat_dir %{_datarootdir}/microcode_ctl/ucode_with_caveats
 %define microcode_ctl_libexec %{_libexecdir}/microcode_ctl
@@ -137,8 +136,6 @@ Source1000:     gen_provides.sh
 Source1001:     codenames.list
 Source1002:     gen_updates2.py
 
-ExclusiveArch:  %{ix86} x86_64
-
 Patch0001:      0001-releasenote.md-cleanup-eliminated-usage-of-U-0080.patch
 Patch0002:      0002-releasenote.md-remove-excess-Release-Notes-headers.patch
 Patch0003:      0003-releasenote.md-sort-the-entries-of-the-20230808-rele.patch
@@ -160,9 +157,12 @@ Patch0017:      0017-releasenote.md-add-information-about-removal-of-CLX-.patch
 # RHEL-only
 Patch0101:      0101-releasenote.md-drop-Removed-Platforms-from-microcode.patch
 
+BuildArch:      noarch
 BuildRequires:  systemd-units
-# hexdump is used in gen_provides.sh
-BuildRequires:  coreutils util-linux
+# dd, hexdump, and xxd are used in gen_provides.sh
+BuildRequires:  coreutils util-linux /usr/bin/xxd
+# gen_updates2.py requires python interpreter
+BuildRequires:  /usr/bin/python3
 Requires:       coreutils
 Requires(post): systemd coreutils
 Requires(preun): systemd coreutils
@@ -398,7 +398,7 @@ install -m 644 "%{SOURCE193}" "%{spr_inst_dir}/disclaimer"
 # SUMMARY.intel-ucode generation
 # It is to be done only after file population, so, it is here,
 # at the end of the install stage
-/usr/libexec/platform-python "%{SOURCE1002}" -C "%{SOURCE1001}" \
+/usr/bin/python3 "%{SOURCE1002}" -C "%{SOURCE1001}" \
 	summary -A "%{buildroot}" \
 	> "%{buildroot}/%{_pkgdocdir}/SUMMARY.intel-ucode"
 
@@ -636,6 +636,38 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Mon Nov 24 2025 Denys Vlasenko <dvlasenk@redhat.com> - 4:20251111-1
+- Fix typo in /usr/share/microcode_ctl/ucode_with_caveats/intel-06-8f-08/config
+- Update Intel CPU microcode to microcode-20251111 release (RHEL-128199)
+- New microcode files (in hex):
+  06-ae-01: Granite Rapids-D: revision 1000273
+- Microcode files (/platform_mask shown) with revision updates (in hex):
+  06-8f-07/87: Sapphire Rapids: 2b000643 to 2b000650
+  06-8f-08/10: Sapphire Rapids with HBM: 2c000401 to 2c000410
+  06-8f-08/87: Sapphire Rapids: 2b000643 to 2b000650
+  06-97-02/07: Alder Lake: 003a to 003d
+  06-97-05/07: Alder Lake: 003a to 003d
+  06-9a-03/80: Alder Lake-L: 0437 to 043a
+  06-9a-04/80: Alder Lake-L: 0437 to 043a
+  06-9a-04/40: Arizona Beach (Atom C11xx): 000a to 000b
+  06-ad-01/95: Granite Rapids-X: 10003d0 to 10003f0
+  06-ad-01/20: Granite Rapids-X: a000100 to a000124
+  06-af-03/01: Crestmont (Sierra Forest): 3000362 to 3000382
+  06-b7-01/32: Raptor Lake: 012f to 0132
+  06-ba-02/e0: Raptor Lake-P: 4129 to 6133
+  06-ba-03/e0: Raptor Lake-P: 4129 to 6133
+  06-bd-01/80: Lunar Lake: 0123 to 0125
+  06-be-00/19: Gracemont (Alder Lake-N): 001d to 001e
+  06-bf-02/07: Raptor Lake-S: 003a to 003d
+  06-bf-05/07: Raptor Lake-S: 003a to 003d
+  06-c5-02/82: Arrow Lake-H: 0119 to 011a
+  06-c6-02/82: Arrow Lake: 0119 to 011a
+  06-cf-02/87: Emerald Rapids: 210002b3 to 210002c0
+- Fixes errata RPL070/ADL083/LNL047/ARL054/SPR154/EMR147:
+  "REP SCASB, REP CMPSB may return incorrect results when racing
+  memory access with another core or thread" on Raptor Lake,
+  Alder Lake, Lunar Lake, Arrow Lake, Sapphire Rapids, Emerald Rapids.
+
 * Wed Aug 20 2025 Denys Vlasenko <dvlasenk@redhat.com> - 4:20250812-1
 - Update Intel CPU microcode to microcode-20250812 release
   - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000404
@@ -716,11 +748,11 @@ rm -rf %{buildroot}
 * Tue Jun 10 2025 Denys Vlasenko <dvlasenk@redhat.com> - 4:20250512-1
 - Add a caveat to provide ability to persistently disable SPR-EE updates
   beyond 0x2b0005c0 on systems where absence of latency spikes
-  is more important than lack of the latest CVE mitigations (RHEL-95245)
+  is more important than lack of the latest CVE mitigations.
 - Update Intel CPU microcode to microcode-20250512 release, addresses
   CVE-2024-28956, CVE-2025-20103, CVE-2025-20054, CVE-2024-43420,
   CVE-2025-20623, CVE-2024-45332, CVE-2025-24495, CVE-2025-20012
-  (RHEL-92231)
+  (RHEL-94294, RHEL-91231, RHEL-91224, RHEL-91224, RHEL-91239)
   - Addition of 06-8f-04/0x10 microcode (in
     intel-06-8f-08/intel-ucode/06-8f-08) at revision 0x2c0003f7;
   - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
@@ -940,8 +972,9 @@ rm -rf %{buildroot}
 - Update Intel CPU microcode to microcode-20250211 release, addresses
   CVE-2023-34440, CVE-2023-43758, CVE-2024-24582, CVE-2024-28047,
   CVE-2024-28127, CVE-2024-29214, CVE-2024-31068, CVE-2024-31157,
-  CVE-2024-37020, CVE-2024-39279, CVE-2024-39355, CVE-2024-36293 (RHEL-79195,
-  RHEL-79197, RHEL-79198, RHEL-79213, RHEL-79216):
+  CVE-2024-37020, CVE-2024-39279, CVE-2024-39355, CVE-2024-36293 (RHEL-79182,
+  RHEL-79186, RHEL-79187, RHEL-79242, RHEL-79243, RHEL-79246, RHEL-79251,
+  RHEL-79252):
   - Addition of 06-bf-06/0x07 microcode (in intel-ucode/06-97-02) at
     revision 0x38;
   - Addition of 06-bf-07/0x07 microcode (in intel-ucode/06-97-02) at
@@ -1111,7 +1144,7 @@ rm -rf %{buildroot}
 
 * Tue Nov 19 2024 Eugene Syromiatnikov <esyr@redhat.com> - 4:20241112-1
 - Update Intel CPU microcode to microcode-20241112 release, addresses
-  CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984 (RHEL-67344):
+  CVE-2024-21820, CVE-2024-21853, CVE-2024-23918, CVE-2024-23984 (RHEL-67336):
   - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
     intel-ucode/06-8f-05) from revision 0x2b0005c0 up to 0x2b000603;
   - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0005c0
@@ -1225,7 +1258,7 @@ rm -rf %{buildroot}
 * Mon Sep 23 2024 Eugene Syromiatnikov <esyr@redhat.com> - 4:20240910-1
 - Update Intel CPU microcode to microcode-20240910 release, addresses
   CVE-2024-23984, CVE-2024-24853, CVE-2024-24968, CVE-2024-24980,
-  CVE-2024-25939 (RHEL-59081):
+  CVE-2024-25939 (RHEL-58057):
   - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
     intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb6 up to 0xb8;
   - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
@@ -1351,8 +1384,8 @@ rm -rf %{buildroot}
 - Update Intel CPU microcode to microcode-20240531 release, addresses
   CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575,
   CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733,
-  CVE-2023-46103, CVE-2023-49141 (RHEL-30859, RHEL-30862, RHEL-30865,
-  RHEL-30868, RHEL-30871, RHEL-41093, RHEL-41108):
+  CVE-2023-46103, CVE-2023-49141 (RHEL-30861, RHEL-30864, RHEL-30867,
+  RHEL-30870, RHEL-30873, RHEL-41094, RHEL-41109):
   - Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c;
   - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at
     revision 0x4121;
@@ -1726,8 +1759,8 @@ rm -rf %{buildroot}
 
 * Thu Aug 10 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230808-1
 - Update Intel CPU microcode to microcode-20230808 release, addresses
-  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213125, #2223993, #2230678,
-  #2230690):
+  CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213124, #2223992, #2230677,
+  #2230689):
   - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
     intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
     to 0x2007006;
@@ -1927,7 +1960,7 @@ rm -rf %{buildroot}
     to 0x11 (old pf 0x1).
 
 * Mon Aug 07 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230516-1
-- Update Intel CPU microcode to microcode-20230516 release (#2213125):
+- Update Intel CPU microcode to microcode-20230516 release (#2213124):
   - Addition of 06-be-00/0x01 (ADL-N A0) microcode at revision 0x10;
   - Addition of 06-9a-04/0x40 (AZB A0) microcode at revision 0x4;
   - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
@@ -2100,19 +2133,19 @@ rm -rf %{buildroot}
 
 * Tue Aug 01 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-4
 - Avoid spurious find failures due to calls on directories that may not exist
-  (#2231065).
+  (#2225681).
 
 * Wed Jun 28 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-3
 - Force locale to C in check_caveats, reload_microcode, and update_ucode
-  (#2218096).
+  (#2218104).
 
 * Tue Jun 06 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-2
-- Cleanup the dangling symlinks in update_ucode (#2135376).
+- Cleanup the dangling symlinks in update_ucode (#2213022).
 
 * Wed Feb 15 2023 Eugene Syromiatnikov <esyr@redhat.com> - 4:20230214-1
 - Update Intel CPU microcode to microcode-20230214 release, addresses
-  CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171234,
-  #2171259):
+  CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171237,
+  #2171262):
   - Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000211;
   - Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
     0x2b000181;
@@ -2288,11 +2321,11 @@ rm -rf %{buildroot}
 
 * Tue Oct 25 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-2
 - Change the logger severity level to warning to align with the kmsg one
-  (#2136224).
+  (#2136506).
 
 * Tue Aug 09 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220809-1
 - Update Intel CPU microcode to microcode-20220510 release, addresses
-  CVE-2022-21233 (#2115667):
+  CVE-2022-21233 (#2115663):
   - Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
     intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006d05 up
     to 0x2006e05;
@@ -2355,7 +2388,8 @@ rm -rf %{buildroot}
 
 * Tue May 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220510-1
 - Update Intel CPU microcode to microcode-20220510 release, addresses
-  CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2086743):
+  CVE-2022-0005, CVE-2022-21131, CVE-2022-21136, CVE-2022-21151 (#2090248,
+  #2090261, #2086751, #2040069):
   - Addition of 06-97-02/0x03 (ADL-HX C0) microcode at revision 0x1f;
   - Addition of 06-97-05/0x03 (ADL-S 6+0 K0) microcode (in
     intel-ucode/06-97-02) at revision 0x1f;
@@ -2478,13 +2512,8 @@ rm -rf %{buildroot}
     to 0x53.
 
 * Thu Feb 10 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220207-1
-- Update Intel CPU microcode to microcode-20220207 release:
-  - Fixes in releasenote.md file.
-
-* Mon Feb 07 2022 Eugene Syromiatnikov <esyr@redhat.com> - 4:20220204-1
-- Update Intel CPU microcode to microcode-20220204 release, addresses
-  CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#1971906, #2049543,
-  #2049554, #2049571):
+- Update Intel CPU microcode to microcode-20220207 release, addresses
+  CVE-2021-0127, CVE-2021-0145, and CVE-2021-33120 (#2053253):
   - Removal of 06-86-04/0x01 (SNR B0) microcode at revision 0xb00000f;
   - Removal of 06-86-05/0x01 (SNR B1) microcode (in intel-ucode/06-86-04)
     at revision 0xb00000f;
@@ -2588,6 +2617,10 @@ rm -rf %{buildroot}
   - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x40 up
     to 0x50.
 
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 4:20210608-2
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
 * Mon Jul 05 2021 Eugene Syromiatnikov <esyr@redhat.com> - 4:20210608-1
 - Update Intel CPU microcode to microcode-20210608 release (#1921773):
   - Fixes in releasenote.md file.

sources

@@ -0,0 +1,9 @@
+SHA512 (microcode-20190918.tar.gz) = 82e5212238d3e35470d139240d9157877ac252725598ec31bfe1763755681539a4ecdf24e04c4e4270215578a9ca3c063c8fc353accf99999c3d4ac2780a6e0c
+SHA512 (microcode-20191115.tar.gz) = 11014c16bde83ac290bc75e458242f5e64b8dffd49de2e938f61f4a09979cd5e80dd1a85d2ccbac067e4398dc3d93ef3583e4aa9b2e545ba46d26e65ec1e2881
+SHA512 (microcode-20251111.tar.gz) = a11ded3158d761ae68258ca61a15014258d68ea28e9e9c94c125a49490a1df0f4b5c6cc37e97b42d84594760e455a1444feb2106e920ea6dd09934e545d92188
+SHA512 (06-2d-07) = 631ec8ad8ad3c9b32d9569689f673010d26c13c7cc377d66b8fc5150de52485076d1514ba867dfa4f468889a31d6701cd8a0789d465ad069d98c8ea0f5bd3204
+SHA512 (06-4e-03) = 248066b521bf512b5d8e4a8c7e921464ce52169c954d6e4ca580d8c172cd789519e22b4cf56c212e452b4191741f0202019f7061d322c9433b5af9ce5413b567
+SHA512 (06-55-04) = db2783cd62680510a7105e7c3fd9d5fffac6a33159ba811f4669f8afb9a5badde4c009bf1868e6a53eb3ac2286812404127bcd45fcbc65fe004788e25ae3e222
+SHA512 (06-55-06) = 0045a5a0cf88a91b1a0b544d5674cdf7be44467b4a160b28304b5a221d3de4fab3f99ad5ec2ebc15ad73a9ca938baba7d8c72164132ea189a7a4ed9b83306223
+SHA512 (06-5e-03) = 7841c1f27b10016943d448f49fc27e88c671cf68015a8d3fb13ef9f45fbe350cef4865389623c57ed655aac1898071b611a7757d9f166bc8e3f706df5247682c
+SHA512 (06-8f-08) = 972bde0bf664679891e4bb3740fd3e55fb5b36f288df29e2f5936e6e472a9f14f0c5be58e9f604d5e3f08c06d43bce7d749f66c07698f9cb885b7f016377bda7