-
intel-microcode (3.20210216.0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode datafile 2021-02-16 (LP: #1927911)
+ Updated Microcodes:
sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864
sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248
sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248
sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752
- CVE-2020-8695 RAPL, INTEL-TA-00389
- CVE-2020-8696 Vector Register Leakage-Active, INTEL-TA-00381
- CVE-2020-8698 Fast forward store predictor, INTEL-TA-00381
-- Alex Murray <email address hidden> Fri, 14 May 2021 16:31:00 +0930
-
intel-microcode (3.20201110.0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY REGRESSION: Some CPUs in the Tiger Lake family sig=0x806c1
fail to boot (LP: #1903883)
- remove 06-8c-01/0x000806c1 microcode
-- Alex Murray <email address hidden> Thu, 12 Nov 2020 09:55:17 +1030
-
intel-microcode (3.20201110.0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode datafile 2020-11-10 (includes
updates from 2020-06-16)
+ New Microcodes:
sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648
sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768
sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520
sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184
sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208
sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184
sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184
+ Updated Microcodes:
sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816
sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472
sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792
sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840
sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224
sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224
sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408
sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360
sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472
sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776
sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568
sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448
sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448
sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448
sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448
sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448
sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448
sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424
sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448
sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424
sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424
sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208
- CVE-2020-8695 RAPL, INTEL-TA-00389
- CVE-2020-8696 Vector Register Leakage-Active, INTEL-TA-00381
- CVE-2020-8698 Fast forward store predictor, INTEL-TA-00381
- Replace releasenote with new releasenote.md from upstream
* Remaining Ubuntu changes:
- debian/initramfs.hook: Do not override preset defaults from
auto-exported conf snippets loaded by initramfs-tools.
-- Alex Murray <email address hidden> Wed, 11 Nov 2020 12:01:22 +1030
-
intel-microcode (3.20200609.0ubuntu0.16.04.1) xenial-security; urgency=medium
* REGRESSION UPDATE: some CPUs in the Skylake family sig=0x406e3
fail to boot (LP: #1882890).
- revert 06-4e-03/0x000406e3 microcode from 0x00dc to 0x00d6
sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
-- Steve Beattie <email address hidden> Wed, 10 Jun 2020 08:50:22 -0700
-
intel-microcode (3.20200609.0ubuntu0.16.04.0) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode datafile 2020-06-09
(includes updates from 2020-05-08 and 2020-05-20)
+ Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432
sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456
sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552
sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456
sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528
sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600
sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336
sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448
sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768
sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816
sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224
sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224
sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448
sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520
sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424
sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424
sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424
sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424
- CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS),
INTEL-SA-00320
- CVE-2020-0548 Vector Register Sampling, INTEL-SA-00329
- CVE-2020-0549 L1D Eviction Sampling, INTEL-SA-00329
- Microcode fixes include update for 0x00050654 to address lockups
on certain Skylake processors (LP: #1854764)
* Remaining changes:
- debian/initramfs.hook: Do not override preset defaults from
auto-exported conf snippets loaded by initramfs-tools.
intel-microcode (3.20200520.1) unstable; urgency=medium
* New upstream microcode datafile 20200520
+ Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432
sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456
intel-microcode (3.20200508.1) unstable; urgency=medium
* New upstream microcode datafile 20200508
+ Updated Microcodes:
sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520
* Likely fixes several critical errata on IceLake-U/Y causing system
hangs
-- Steve Beattie <email address hidden> Tue, 09 Jun 2020 06:32:19 -0700
-
intel-microcode (3.20191115.1ubuntu0.16.04.2) xenial-security; urgency=medium
* REGRESSION UPDATE: warm reboots cause hangs on certain Skylake
processors (LP: #1854764)
+ Reverted microcode (from revision 0x2000065):
sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
-- Steve Beattie <email address hidden> Mon, 02 Dec 2019 12:53:04 -0800
-
intel-microcode (3.20191115.1ubuntu0.16.04.1) xenial-security; urgency=medium
* Backport from debian unstable:
- Unexpected Page Faults in Guest Virtualization
Environment (SKL-188, KBL-144, CFL-136 errata)
* Remaining Ubuntu changes
- debian/initramfs.hook: Do not override preset defaults from
auto-exported conf snippets loaded by initramfs-tools.
intel-microcode (3.20191115.1) unstable; urgency=high
* New upstream microcode datafile 20191115
+ Updated Microcodes:
sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352
sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352
sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352
sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352
sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352
sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352
sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352
sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352
sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136
intel-microcode (3.20191113.1) unstable; urgency=high
* New upstream microcode datafile 20191113
+ SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details
Adds microcode update for CFL-S (Coffe Lake Desktop)
INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117
+ Updated Microcodes (previously removed):
sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
-- Steve Beattie <email address hidden> Tue, 19 Nov 2019 12:51:08 -0800
-
intel-microcode (3.20191112-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode data release 20191112
CVE-2019-11135, CVE-2019-11139
+ New Microcodes:
sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992
sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768
sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200
sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040
sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752
sig 0x000706e5, pf_mask 0x80, 2019-10-07, rev 0x004e, size 103424
sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136
+ Updated Microcodes:
sig 0x000406e3, pf_mask 0xc0, 2019-08-14, rev 0x00d4, size 101376
sig 0x00050654, pf_mask 0xb7, 2019-09-05, rev 0x2000065, size 34816
sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200
sig 0x000506e3, pf_mask 0x36, 2019-08-14, rev 0x00d4, size 101376
sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728
sig 0x000806e9, pf_mask 0x10, 2019-08-14, rev 0x00c6, size 99328
sig 0x000806e9, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 100352
sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328
sig 0x000806eb, pf_mask 0xd0, 2019-08-14, rev 0x00c6, size 100352
sig 0x000806ec, pf_mask 0x94, 2019-08-14, rev 0x00c6, size 100352
sig 0x000906e9, pf_mask 0x2a, 2019-04-30, rev 0x00ba, size 99328
sig 0x000906ea, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
sig 0x000906eb, pf_mask 0x02, 2019-08-14, rev 0x00c6, size 100352
sig 0x000906ed, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
* Remaining Ubuntu changes:
- debian/initramfs.hook: Do not override preset defaults from
auto-exported conf snippets loaded by initramfs-tools.
intel-microcode (3.20190918.1ubuntu1) eoan; urgency=low
* Merge from Debian testing. Remaining changes:
- debian/initramfs.hook: Do not override preset defaults from
auto-exported conf snippets loaded by initramfs-tools.
intel-microcode (3.20190918.1) unstable; urgency=medium
* New upstream microcode datafile 20190918
+ SECURITY UPDATE
*Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
the set of processors being updated.
+ Updated Microcodes:
sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456
-- Steve Beattie <email address hidden> Tue, 12 Nov 2019 10:45:50 -0800
-
intel-microcode (3.20190618.0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode datafile 20190618
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+ Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456
sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
+ Add MDS mitigation support for Sandy Bridge server and Core-X
processor families.(LP: #1830123)
-- Steve Beattie <email address hidden> Thu, 20 Jun 2019 06:44:56 -0700
-
intel-microcode (3.20190514.0ubuntu0.16.04.2) xenial-security; urgency=medium
* Update to final 20190514 microcode update. (LP: #1829745)
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+ New Microcodes:
sig 0x00030678, pf_mask 0x02, 2016.04-22, rev 0x0838, size 52224
sig 0x00030678, pf_mask 0x0c, 2016.04-22, rev 0x0838, size 52224
sig 0x00030679, pf_mask 0x0f, 2016.04-23, rev 0x090c, size 52224
sig 0x000406c3, pf_mask 0x01, 2016.04-23, rev 0x0368, size 69632
sig 0x000406c4, pf_mask 0x01, 2016.04-23, rev 0x0411, size 68608
+ Add MDS mitigation support for Cherry Trail and Bay Trail
processor families.
[ Dimitri John Ledkov ]
* Do not override preset defaults from auto-exported conf snippets
loaded by initramfs-tools. This thus allows other hooks, or
alternative confdir override the built-in defaults at mkinitramfs
time. Specifically to support generating installer/golden/bare-metal
initrds with all microcodes for any hardware.
-- Steve Beattie <email address hidden> Mon, 20 May 2019 22:08:04 -0700
-
intel-microcode (3.20190514.0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: new upstream datafile 20190507
- CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
+ New Microcodes:
sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104
sig 0x00050656, pf_mask 0xbf, 2019-01-28, rev 0x400001c, size 47104
sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
+ Updated Micrcodes:
sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
+ Reinstated Microcodes:
sig 0x00050653, pf_mask 0x97, 2018-01-29, rev 0x1000140, size 30720
intel-microcode (3.20190312.1) unstable; urgency=medium
* New upstream microcode datafile 20190312
+ Removed Microcodes:
sig 0x00050653, pf_mask 0x97, 2018-01-29, rev 0x1000140, size 30720
+ New Microcodes:
sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280
+ Updated Microcodes:
sig 0x000306f2, pf_mask 0x6f, 2018-11-20, rev 0x0041, size 34816
sig 0x000306f4, pf_mask 0x80, 2018-11-06, rev 0x0013, size 17408
sig 0x00050654, pf_mask 0xb7, 2019-01-28, rev 0x200005a, size 33792
sig 0x00050662, pf_mask 0x10, 2018-12-06, rev 0x0019, size 32768
sig 0x00050663, pf_mask 0x10, 2018-12-06, rev 0x7000016, size 23552
sig 0x00050664, pf_mask 0x10, 2018-11-17, rev 0xf000014, size 23552
sig 0x00050665, pf_mask 0x10, 2018-11-17, rev 0xe00000c, size 19456
sig 0x000506c9, pf_mask 0x03, 2018-09-14, rev 0x0036, size 17408
sig 0x000506ca, pf_mask 0x03, 2018-09-20, rev 0x0010, size 15360
sig 0x000706a1, pf_mask 0x01, 2018-09-21, rev 0x002c, size 73728
sig 0x000806e9, pf_mask 0xc0, 2018-07-16, rev 0x009a, size 98304
sig 0x000806ea, pf_mask 0xc0, 2018-10-18, rev 0x009e, size 98304
sig 0x000906e9, pf_mask 0x2a, 2018-07-16, rev 0x009a, size 98304
sig 0x000906ea, pf_mask 0x22, 2018-12-12, rev 0x00aa, size 98304
sig 0x000906eb, pf_mask 0x02, 2018-12-12, rev 0x00aa, size 99328
intel-microcode (3.20180807a.2) unstable; urgency=medium
* Makefile: unblacklist 0x206c2 (Westmere EP)
According to <email address hidden>, on message to LP#1795594
on 2018-10-09, we can ship 0x206c2 updates without restrictions.
Also, there are no reports in the field about this update causing
issues (closes: #907402) (LP: #1795594)
-- Steve Beattie <email address hidden> Mon, 13 May 2019 16:14:32 -0700
-
intel-microcode (3.20180807a.0ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode update to provide L1D cache
flush support to mitigate L1TF (CVE-2018-3646)
- New Microcodes:
sig 0x000206e6, pf_mask 0x04, 2018-05-15, rev 0x000d, size 9216
sig 0x000506c2, pf_mask 0x01, 2018-05-11, rev 0x0014, size 15360
sig 0x000506ca, pf_mask 0x03, 2018-05-11, rev 0x000c, size 14336
sig 0x000506f1, pf_mask 0x01, 2018-05-11, rev 0x0024, size 10240
- Updated Microcodes:
sig 0x000106a5, pf_mask 0x03, 2018-05-11, rev 0x001d, size 12288
sig 0x000106e5, pf_mask 0x13, 2018-05-08, rev 0x000a, size 9216
sig 0x00020652, pf_mask 0x12, 2018-05-08, rev 0x0011, size 9216
sig 0x00020655, pf_mask 0x92, 2018-04-23, rev 0x0007, size 4096
sig 0x000206a7, pf_mask 0x12, 2018-04-10, rev 0x002e, size 12288
sig 0x000206f2, pf_mask 0x05, 2018-05-16, rev 0x003b, size 14336
sig 0x000306a9, pf_mask 0x12, 2018-04-10, rev 0x0020, size 13312
sig 0x000306c3, pf_mask 0x32, 2018-04-02, rev 0x0025, size 23552
sig 0x000306d4, pf_mask 0xc0, 2018-03-22, rev 0x002b, size 18432
sig 0x00040651, pf_mask 0x72, 2018-04-02, rev 0x0024, size 22528
sig 0x00040661, pf_mask 0x32, 2018-04-02, rev 0x001a, size 25600
sig 0x00040671, pf_mask 0x22, 2018-04-03, rev 0x001e, size 13312
sig 0x000406e3, pf_mask 0xc0, 2018-04-17, rev 0x00c6, size 99328
sig 0x00050662, pf_mask 0x10, 2018-05-25, rev 0x0017, size 31744
sig 0x00050663, pf_mask 0x10, 2018-04-20, rev 0x7000013, size 22528
sig 0x00050664, pf_mask 0x10, 2018-04-20, rev 0xf000012, size 22528
sig 0x000506c9, pf_mask 0x03, 2018-05-11, rev 0x0032, size 16384
sig 0x000506e3, pf_mask 0x36, 2018-04-17, rev 0x00c6, size 99328
sig 0x000706a1, pf_mask 0x01, 2018-05-22, rev 0x0028, size 73728
sig 0x000806e9, pf_mask 0xc0, 2018-03-24, rev 0x008e, size 98304
sig 0x000806ea, pf_mask 0xc0, 2018-05-15, rev 0x0096, size 98304
sig 0x000906e9, pf_mask 0x2a, 2018-03-24, rev 0x008e, size 98304
sig 0x000906ea, pf_mask 0x22, 2018-05-02, rev 0x0096, size 97280
sig 0x000906eb, pf_mask 0x02, 2018-03-24, rev 0x008e, size 98304
- Added back upstream but blacklisted by packaging due to the issues
around addressing Intel SA-00030:
sig 0x000206c2, pf_mask 0x03, 2018-05-08, rev 0x001f, size 11264
* Remaining changes from Debian:
- debian/initramfs.hook: Default to early instead of auto, and
install all of the microcode, not just the one matching the
current CPU, if MODULES=most is set in the initramfs-tools config
intel-microcode (3.20180703.2ubuntu1) cosmic; urgency=low
* Merge from Debian unstable (LP: #1783385). Remaining changes:
- debian/initramfs.hook: Default to early instead of auto, and
install all of the microcode, not just the one matching the
current CPU, if MODULES=most is set in the initramfs-tools config
intel-microcode (3.20180703.2) unstable; urgency=medium
* source: fix badly named symlink that resulted in most microcode
updates not being shipped in the binary package. Oops!
intel-microcode (3.20180703.1) unstable; urgency=medium
* New upstream microcode data file 20180703 (closes: #903018)
+ Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2018-05-08, rev 0x061d, size 18432
sig 0x000206d7, pf_mask 0x6d, 2018-05-08, rev 0x0714, size 19456
sig 0x000306e4, pf_mask 0xed, 2018-04-25, rev 0x042d, size 15360
sig 0x000306e7, pf_mask 0xed, 2018-04-25, rev 0x0714, size 17408
sig 0x000306f2, pf_mask 0x6f, 2018-04-20, rev 0x003d, size 33792
sig 0x000306f4, pf_mask 0x80, 2018-04-20, rev 0x0012, size 17408
sig 0x000406f1, pf_mask 0xef, 2018-04-19, rev 0xb00002e, size 28672
sig 0x00050654, pf_mask 0xb7, 2018-05-15, rev 0x200004d, size 31744
sig 0x00050665, pf_mask 0x10, 2018-04-20, rev 0xe00000a, size 18432
+ First batch of fixes for: Intel SA-00115, CVE-2018-3639, CVE-2018-3640
+ SSBD support (Spectre-v4 mitigation) and fix Spectre-v3a for:
Sandybridge server, Ivy Bridge server, Haswell server, Skylake server,
Broadwell server, a few HEDT Core i7/i9 models that are actually gimped
server dies.
* source: update symlinks to reflect id of the latest release, 20180703
-- Steve Beattie <email address hidden> Fri, 24 Aug 2018 11:05:52 -0700
-
intel-microcode (3.20180425.1~ubuntu0.16.04.2) xenial; urgency=medium
* Default to early instead of auto, and install all of the microcode,
not just the one matching the current CPU, if MODULES=most is set
in the initramfs-tools config (LP: #1778738)
-- Julian Andres Klode <email address hidden> Tue, 26 Jun 2018 16:31:30 +0200
-
intel-microcode (3.20180425.1~ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode data file 20180425 to
provide IBRS/IBPB/STIBP microcode support for Spectre variant 2 mitigation
for Pentium Silver N/J5xxx, Celeron N/J4xxx (sig 0x000706a1) and
Xeon E5/E7 v4; Core i7-69xx/68xx (sig 0x000406f1) (LP: #1769043)
- merge from Debian.
intel-microcode (3.20180425.1) unstable; urgency=medium
* New upstream microcode data file 20180425 (closes: #897443, #895878)
+ Updated Microcodes:
sig 0x000406f1, pf_mask 0xef, 2018-03-21, rev 0xb00002c, size 27648
sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728
+ Implements IBRS/IBPB/STIPB support, Spectre-v2 mitigation
+ Note that sig 0x000604f1 has been blacklisted from late-loading
since Debian release 3.20171117.1.
* source: remove undesired list files from microcode directories
* source: switch to microcode-<id>.d/ since Intel dropped .dat
support.
-- Steve Beattie <email address hidden> Thu, 03 May 2018 12:45:47 -0700
-
intel-microcode (3.20180312.0~ubuntu16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: New upstream microcode data file 20180312 to provide
IBRS/IBPB/STIBP microcode support for Spectre variant 2 mitigation
- New Microcodes:
sig 0x00050653, pf mask 0x97, 2018-01-29, rev 0x1000140, size 30720
sig 0x00050665, pf mask 0x10, 2018-01-22, rev 0xe000009, size 18432
- Updated Microcodes:
sig 0x000206a7, pf mask 0x12, 2018-02-07, rev 0x002d, size 12288
sig 0x000206d6, pf mask 0x6d, 2018-01-30, rev 0x061c, size 18432
sig 0x000206d7, pf mask 0x6d, 2018-01-26, rev 0x0713, size 19456
sig 0x000306a9, pf mask 0x12, 2018-02-07, rev 0x001f, size 13312
sig 0x000306c3, pf mask 0x32, 2018-01-21, rev 0x0024, size 23552
sig 0x000306d4, pf mask 0xc0, 2018-01-18, rev 0x002a, size 18432
sig 0x000306e4, pf mask 0xed, 2018-01-25, rev 0x042c, size 15360
sig 0x000306e7, pf mask 0xed, 2018-02-16, rev 0x0713, size 16384
sig 0x000306f2, pf mask 0x6f, 2018-01-19, rev 0x003c, size 33792
sig 0x000306f4, pf mask 0x80, 2018-01-22, rev 0x0011, size 17408
sig 0x00040651, pf mask 0x72, 2018-01-18, rev 0x0023, size 21504
sig 0x00040661, pf mask 0x32, 2018-01-21, rev 0x0019, size 25600
sig 0x00040671, pf mask 0x22, 2018-01-21, rev 0x001d, size 12288
sig 0x000406e3, pf mask 0xc0, 2017-11-16, rev 0x00c2, size 99328
sig 0x00050654, pf mask 0xb7, 2018-01-26, rev 0x2000043, size 28672
sig 0x00050662, pf mask 0x10, 2018-01-22, rev 0x0015, size 31744
sig 0x00050663, pf mask 0x10, 2018-01-22, rev 0x7000012, size 22528
sig 0x00050664, pf mask 0x10, 2018-01-22, rev 0xf000011, size 22528
sig 0x000506e3, pf mask 0x36, 2017-11-16, rev 0x00c2, size 99328
sig 0x000806e9, pf mask 0xc0, 2018-01-21, rev 0x0084, size 98304
sig 0x000806ea, pf mask 0xc0, 2018-01-21, rev 0x0084, size 97280
sig 0x000906e9, pf mask 0x2a, 2018-01-21, rev 0x0084, size 98304
sig 0x000906ea, pf mask 0x22, 2018-01-21, rev 0x0084, size 96256
sig 0x000906eb, pf mask 0x02, 2018-01-21, rev 0x0084, size 98304
- CVE-2017-5715
-- Tyler Hicks <email address hidden> Tue, 13 Mar 2018 20:10:18 +0000
-
intel-microcode (3.20180108.0+really20170707ubuntu16.04.1) xenial-security; urgency=medium
* Revert to 20170707 version of microcode because of regressions on
certain hardware. (LP: #1742933)
-- Marc Deslauriers <email address hidden> Mon, 22 Jan 2018 07:19:36 -0500
-
intel-microcode (3.20180108.0~ubuntu16.04.2) xenial-security; urgency=medium
* New upstream microcode datafile 20180108
+ New Microcodes:
sig 0x000506c9, pf_mask 0x03, 2017-03-25, rev 0x002c, size 16384
sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728
sig 0x000906ea, pf_mask 0x22, 2018-01-04, rev 0x0080, size 97280
sig 0x000906eb, pf_mask 0x02, 2018-01-04, rev 0x0080, size 98304
+ Updated Microcodes:
sig 0x000306c3, pf_mask 0x32, 2017-11-20, rev 0x0023, size 23552
sig 0x000306d4, pf_mask 0xc0, 2017-11-17, rev 0x0028, size 18432
sig 0x000306e4, pf_mask 0xed, 2017-12-01, rev 0x042a, size 15360
sig 0x000306f2, pf_mask 0x6f, 2017-11-17, rev 0x003b, size 33792
sig 0x000306f4, pf_mask 0x80, 2017-11-17, rev 0x0010, size 17408
sig 0x00040651, pf_mask 0x72, 2017-11-20, rev 0x0021, size 22528
sig 0x00040661, pf_mask 0x32, 2017-11-20, rev 0x0018, size 25600
sig 0x00040671, pf_mask 0x22, 2017-11-17, rev 0x001b, size 13312
sig 0x000406e3, pf_mask 0xc0, 2017-11-16, rev 0x00c2, size 99328
sig 0x00050654, pf_mask 0xb7, 2017-12-08, rev 0x200003c, size 27648
sig 0x00050662, pf_mask 0x10, 2017-12-16, rev 0x0014, size 31744
sig 0x00050663, pf_mask 0x10, 2017-12-16, rev 0x7000011, size 22528
sig 0x000506e3, pf_mask 0x36, 2017-11-16, rev 0x00c2, size 99328
sig 0x000806e9, pf_mask 0xc0, 2018-01-04, rev 0x0080, size 98304
sig 0x000806ea, pf_mask 0xc0, 2018-01-04, rev 0x0080, size 98304
sig 0x000906e9, pf_mask 0x2a, 2018-01-04, rev 0x0080, size 98304
* source: remove unneeded intel-ucode/ directory
* source: remove superseded upstream data file: 20170707
-- Marc Deslauriers <email address hidden> Tue, 09 Jan 2018 13:28:52 -0500
-
intel-microcode (3.20170707.1~ubuntu16.04.0) xenial; urgency=medium
* Sync of new upstream microcode release to address Skylake, Kaby Lake
Hyper Threading bug. This is a sync of the dat files from artful
version 3.20170707.1 (LP: #1700373)
* New upstream microcode datafile 20170707
+ New Microcodes:
sig 0x00050654, pf_mask 0x97, 2017-06-01, rev 0x2000022, size 25600
sig 0x000806e9, pf_mask 0xc0, 2017-04-27, rev 0x0062, size 97280
sig 0x000806ea, pf_mask 0xc0, 2017-05-23, rev 0x0066, size 95232
sig 0x000906e9, pf_mask 0x2a, 2017-04-06, rev 0x005e, size 97280
+ This release fixes the nightmare-level errata SKZ7/SKW144/SKL150/
SKX150 (Skylake) KBL095/KBW095 (Kaby Lake) for all affected Kaby
Lake and Skylake processors: Skylake D0/R0 were fixed since the
previous upstream release (20170511). This new release adds the
fixes for Kaby Lake Y0/B0/H0 and Skylake H0 (Skylake-E/X).
+ Fix undisclosed errata in Skylake H0 (0x50654), Kaby Lake Y0
(0x806ea), Kaby Lake H0 (0x806e9), Kaby Lake B0 (0x906e9)
* source: removed superseded upstream dat files: 20101123, 20151106
This brings dat files in sync with those shipped in Arful.
* Updated Intel changelog to reflect dat file sync.
-- Dave Chiluk <email address hidden> Wed, 12 Jul 2017 21:46:36 -0500
-
intel-microcode (3.20151106.1) unstable; urgency=medium
* New upstream microcode data file 20151106
+ New Microcodes:
sig 0x000306f4, pf mask 0x80, 2015-07-17, rev 0x0009, size 14336
sig 0x00040671, pf mask 0x22, 2015-08-03, rev 0x0013, size 11264
+ Updated Microcodes:
sig 0x000306a9, pf mask 0x12, 2015-02-26, rev 0x001c, size 12288
sig 0x000306c3, pf mask 0x32, 2015-08-13, rev 0x001e, size 21504
sig 0x000306d4, pf mask 0xc0, 2015-09-11, rev 0x0022, size 16384
sig 0x000306f2, pf mask 0x6f, 2015-08-10, rev 0x0036, size 30720
sig 0x00040651, pf mask 0x72, 2015-08-13, rev 0x001d, size 20480
* This massive Haswell + Broadwell (and related Xeons) update fixes
several critical errata, including the high-hitting BDD86/BDM101/
HSM153(?) which triggers an MCE and locks the processor core
(LP: #1509764)
* Might fix critical errata BDD51, BDM53 (TSX-related)
* source: remove superseded upstream data file: 20150121
* Add support for supplementary microcode bundles:
+ README.source: update and mention supplementary microcode
+ Makefile: support supplementary microcode
Add support for supplementary microcode bundles, which (unlike .fw
microcode override files) can be superseded by a higher revision
microcode from the latest regular microcode bundle. Also, fix the
"oldies" target to have its own exclude filter (IUC_OLDIES_EXCLUDE)
* Add support for x32 arch:
+ README.source: mention x32
+ control,rules: enable building on x32 arch (Closes: #777356)
* ucode-blacklist: add Broadwell and Haswell-E signatures
Add a missing signature for Haswell Refresh (Haswell-E) to the "must
be updated only by the early microcode update driver" list. There is
at least one report of one of the Broadwell microcode updates disabling
TSX-NI, so add them as well just in case
-- Henrique de Moraes Holschuh <email address hidden> Mon, 09 Nov 2015 23:07:32 -0200
-
intel-microcode (3.20150121.1) unstable; urgency=critical
* New upstream microcode data file 20150121
* Downgraded microcodes (to a previously shipped revision):
sig 0x000306f2, pf mask 0x6f, 2014-09-03, rev 0x0029, size 28672
* The microcode downgrade fixes a very nasty regression on Xeon E5v3
processors (closes: #776431)
* critical urgency: the broken sig 0x306f2, rev 0x2b microcode shipped
in release 20150107 caused CPU core hangs and Linux boot failures.
The upstream fix was to downgrade it to the same microcode revision
that was shipped in release 20140913
* source: remove superseded upstream data file: 20150107.
* initramfs.hook: do not mix arrays and lists.
Avoid echo "foo $@", use echo "foo $*" instead. This is unlikely
to be expĺoitable, but it makes ShellCheck happier.
-- Henrique de Moraes Holschuh <email address hidden> Wed, 28 Jan 2015 20:03:20 -0200
