Change logs for intel-microcode source package in Xenial

  • intel-microcode (3.20210216.0ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode datafile 2021-02-16 (LP: #1927911)
        + Updated Microcodes:
          sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864
          sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248
          sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248
          sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752
        - CVE-2020-8695 RAPL, INTEL-TA-00389
        - CVE-2020-8696 Vector Register Leakage-Active, INTEL-TA-00381
        - CVE-2020-8698 Fast forward store predictor, INTEL-TA-00381
    
     -- Alex Murray <email address hidden>  Fri, 14 May 2021 16:31:00 +0930
  • intel-microcode (3.20201110.0ubuntu0.16.04.2) xenial-security; urgency=medium
    
      * SECURITY REGRESSION: Some CPUs in the Tiger Lake family sig=0x806c1
        fail to boot (LP: #1903883)
        - remove 06-8c-01/0x000806c1 microcode
    
     -- Alex Murray <email address hidden>  Thu, 12 Nov 2020 09:55:17 +1030
  • intel-microcode (3.20201110.0ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode datafile 2020-11-10 (includes
        updates from 2020-06-16)
        + New Microcodes:
          sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648
          sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768
          sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520
          sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184
          sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208
          sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184
          sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184
        + Updated Microcodes:
          sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816
          sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472
          sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792
          sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840
          sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224
          sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224
          sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408
          sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360
          sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472
          sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776
          sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568
          sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448
          sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448
          sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448
          sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448
          sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448
          sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448
          sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424
          sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448
          sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424
          sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424
          sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208
        - CVE-2020-8695 RAPL, INTEL-TA-00389
        - CVE-2020-8696 Vector Register Leakage-Active, INTEL-TA-00381
        - CVE-2020-8698 Fast forward store predictor, INTEL-TA-00381
        - Replace releasenote with new releasenote.md from upstream
      * Remaining Ubuntu changes:
        - debian/initramfs.hook: Do not override preset defaults from
          auto-exported conf snippets loaded by initramfs-tools.
    
     -- Alex Murray <email address hidden>  Wed, 11 Nov 2020 12:01:22 +1030
  • intel-microcode (3.20200609.0ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * REGRESSION UPDATE: some CPUs in the Skylake family sig=0x406e3
        fail to boot (LP: #1882890).
        - revert 06-4e-03/0x000406e3 microcode from 0x00dc to 0x00d6
          sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
    
     -- Steve Beattie <email address hidden>  Wed, 10 Jun 2020 08:50:22 -0700
  • intel-microcode (3.20200609.0ubuntu0.16.04.0) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode datafile 2020-06-09
        (includes updates from 2020-05-08 and 2020-05-20)
        + Updated Microcodes:
          sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432
          sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456
          sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552
          sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456
          sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528
          sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600
          sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336
          sig 0x000406e3, pf_mask 0xc0, 2020-04-27, rev 0x00dc, size 104448
          sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768
          sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816
          sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224
          sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224
          sig 0x000506e3, pf_mask 0x36, 2020-04-27, rev 0x00dc, size 104448
          sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520
          sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424
          sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
          sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
          sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424
          sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424
          sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424
          sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
          sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424
          sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
          sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424
        - CVE-2020-0543 Special Register Buffer Data Sampling (SRBDS),
          INTEL-SA-00320
        - CVE-2020-0548 Vector Register Sampling, INTEL-SA-00329
        - CVE-2020-0549 L1D Eviction Sampling, INTEL-SA-00329
        - Microcode fixes include update for 0x00050654 to address lockups
          on certain Skylake processors (LP: #1854764)
      * Remaining changes:
        - debian/initramfs.hook: Do not override preset defaults from
          auto-exported conf snippets loaded by initramfs-tools.
    
    intel-microcode (3.20200520.1) unstable; urgency=medium
    
      * New upstream microcode datafile 20200520
        + Updated Microcodes:
          sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432
          sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456
    
    intel-microcode (3.20200508.1) unstable; urgency=medium
    
      * New upstream microcode datafile 20200508
        + Updated Microcodes:
          sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520
        * Likely fixes several critical errata on IceLake-U/Y causing system
          hangs
    
     -- Steve Beattie <email address hidden>  Tue, 09 Jun 2020 06:32:19 -0700
  • intel-microcode (3.20191115.1ubuntu0.16.04.2) xenial-security; urgency=medium
    
      * REGRESSION UPDATE: warm reboots cause hangs on certain Skylake
        processors (LP: #1854764)
        + Reverted microcode (from revision 0x2000065):
          sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
    
     -- Steve Beattie <email address hidden>  Mon, 02 Dec 2019 12:53:04 -0800
  • intel-microcode (3.20191115.1ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * Backport from debian unstable:
        - Unexpected Page Faults in Guest Virtualization
          Environment (SKL-188, KBL-144, CFL-136 errata)
      * Remaining Ubuntu changes
        - debian/initramfs.hook: Do not override preset defaults from
          auto-exported conf snippets loaded by initramfs-tools.
    
    intel-microcode (3.20191115.1) unstable; urgency=high
    
      * New upstream microcode datafile 20191115
        + Updated Microcodes:
          sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
          sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
          sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352
          sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352
          sig 0x000806ea, pf_mask 0xc0, 2019-10-03, rev 0x00ca, size 100352
          sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352
          sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352
          sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352
          sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
          sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352
          sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
          sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352
          sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136
    
    intel-microcode (3.20191113.1) unstable; urgency=high
    
      * New upstream microcode datafile 20191113
        + SECURITY UPDATE, refer to the 3.20191112.1 changelog entry for details
          Adds microcode update for CFL-S (Coffe Lake Desktop)
          INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117
        + Updated Microcodes (previously removed):
          sig 0x000906ec, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
    
     -- Steve Beattie <email address hidden>  Tue, 19 Nov 2019 12:51:08 -0800
  • intel-microcode (3.20191112-0ubuntu0.16.04.2) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode data release 20191112
        CVE-2019-11135, CVE-2019-11139
        + New Microcodes:
          sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992
          sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768
          sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200
          sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040
          sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752
          sig 0x000706e5, pf_mask 0x80, 2019-10-07, rev 0x004e, size 103424
          sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136
        + Updated Microcodes:
          sig 0x000406e3, pf_mask 0xc0, 2019-08-14, rev 0x00d4, size 101376
          sig 0x00050654, pf_mask 0xb7, 2019-09-05, rev 0x2000065, size 34816
          sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200
          sig 0x000506e3, pf_mask 0x36, 2019-08-14, rev 0x00d4, size 101376
          sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728
          sig 0x000806e9, pf_mask 0x10, 2019-08-14, rev 0x00c6, size 99328
          sig 0x000806e9, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 100352
          sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328
          sig 0x000806eb, pf_mask 0xd0, 2019-08-14, rev 0x00c6, size 100352
          sig 0x000806ec, pf_mask 0x94, 2019-08-14, rev 0x00c6, size 100352
          sig 0x000906e9, pf_mask 0x2a, 2019-04-30, rev 0x00ba, size 99328
          sig 0x000906ea, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
          sig 0x000906eb, pf_mask 0x02, 2019-08-14, rev 0x00c6, size 100352
          sig 0x000906ed, pf_mask 0x22, 2019-08-14, rev 0x00c6, size 99328
      * Remaining Ubuntu changes:
        - debian/initramfs.hook: Do not override preset defaults from
          auto-exported conf snippets loaded by initramfs-tools.
    
    intel-microcode (3.20190918.1ubuntu1) eoan; urgency=low
    
      * Merge from Debian testing.  Remaining changes:
        - debian/initramfs.hook: Do not override preset defaults from
          auto-exported conf snippets loaded by initramfs-tools.
    
    intel-microcode (3.20190918.1) unstable; urgency=medium
    
      * New upstream microcode datafile 20190918
        + SECURITY UPDATE
          *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
          the set of processors being updated.
        + Updated Microcodes:
          sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
          sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
          sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
          sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
          sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
          sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
          sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
          sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
          sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
          sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456
    
     -- Steve Beattie <email address hidden>  Tue, 12 Nov 2019 10:45:50 -0800
  • intel-microcode (3.20190618.0ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode datafile 20190618
        - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
        + Updated Microcodes:
          sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
          sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456
          sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
        + Add MDS mitigation support for Sandy Bridge server and Core-X
          processor families.(LP: #1830123)
    
     -- Steve Beattie <email address hidden>  Thu, 20 Jun 2019 06:44:56 -0700
  • intel-microcode (3.20190514.0ubuntu0.16.04.2) xenial-security; urgency=medium
    
      * Update to final 20190514 microcode update. (LP: #1829745)
        - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
        + New Microcodes:
          sig 0x00030678, pf_mask 0x02, 2016.04-22, rev 0x0838, size 52224
          sig 0x00030678, pf_mask 0x0c, 2016.04-22, rev 0x0838, size 52224
          sig 0x00030679, pf_mask 0x0f, 2016.04-23, rev 0x090c, size 52224
          sig 0x000406c3, pf_mask 0x01, 2016.04-23, rev 0x0368, size 69632
          sig 0x000406c4, pf_mask 0x01, 2016.04-23, rev 0x0411, size 68608
        + Add MDS mitigation support for Cherry Trail and Bay Trail
          processor families.
    
      [ Dimitri John Ledkov ]
      * Do not override preset defaults from auto-exported conf snippets
        loaded by initramfs-tools. This thus allows other hooks, or
        alternative confdir override the built-in defaults at mkinitramfs
        time. Specifically to support generating installer/golden/bare-metal
        initrds with all microcodes for any hardware.
    
     -- Steve Beattie <email address hidden>  Mon, 20 May 2019 22:08:04 -0700
  • intel-microcode (3.20190514.0ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: new upstream datafile 20190507
        - CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
        + New Microcodes:
          sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104
          sig 0x00050656, pf_mask 0xbf, 2019-01-28, rev 0x400001c, size 47104
          sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
        + Updated Micrcodes:
          sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
          sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
          sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
          sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
          sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
          sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
          sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
          sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
          sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
          sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
          sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
          sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
          sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
          sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
          sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
          sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
          sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
          sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
          sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
          sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
          sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
          sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
          sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
          sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
          sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
          sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
          sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
          sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
          sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
          sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
          sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
          sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
        + Reinstated Microcodes:
          sig 0x00050653, pf_mask 0x97, 2018-01-29, rev 0x1000140, size 30720
    
    intel-microcode (3.20190312.1) unstable; urgency=medium
    
      * New upstream microcode datafile 20190312
        + Removed Microcodes:
          sig 0x00050653, pf_mask 0x97, 2018-01-29, rev 0x1000140, size 30720
        + New Microcodes:
          sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
          sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
          sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
          sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
          sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280
        + Updated Microcodes:
          sig 0x000306f2, pf_mask 0x6f, 2018-11-20, rev 0x0041, size 34816
          sig 0x000306f4, pf_mask 0x80, 2018-11-06, rev 0x0013, size 17408
          sig 0x00050654, pf_mask 0xb7, 2019-01-28, rev 0x200005a, size 33792
          sig 0x00050662, pf_mask 0x10, 2018-12-06, rev 0x0019, size 32768
          sig 0x00050663, pf_mask 0x10, 2018-12-06, rev 0x7000016, size 23552
          sig 0x00050664, pf_mask 0x10, 2018-11-17, rev 0xf000014, size 23552
          sig 0x00050665, pf_mask 0x10, 2018-11-17, rev 0xe00000c, size 19456
          sig 0x000506c9, pf_mask 0x03, 2018-09-14, rev 0x0036, size 17408
          sig 0x000506ca, pf_mask 0x03, 2018-09-20, rev 0x0010, size 15360
          sig 0x000706a1, pf_mask 0x01, 2018-09-21, rev 0x002c, size 73728
          sig 0x000806e9, pf_mask 0xc0, 2018-07-16, rev 0x009a, size 98304
          sig 0x000806ea, pf_mask 0xc0, 2018-10-18, rev 0x009e, size 98304
          sig 0x000906e9, pf_mask 0x2a, 2018-07-16, rev 0x009a, size 98304
          sig 0x000906ea, pf_mask 0x22, 2018-12-12, rev 0x00aa, size 98304
          sig 0x000906eb, pf_mask 0x02, 2018-12-12, rev 0x00aa, size 99328
    
    intel-microcode (3.20180807a.2) unstable; urgency=medium
    
      * Makefile: unblacklist 0x206c2 (Westmere EP)
        According to <email address hidden>, on message to LP#1795594
        on 2018-10-09, we can ship 0x206c2 updates without restrictions.
        Also, there are no reports in the field about this update causing
        issues (closes: #907402) (LP: #1795594)
    
     -- Steve Beattie <email address hidden>  Mon, 13 May 2019 16:14:32 -0700
  • intel-microcode (3.20180807a.0ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode update to provide L1D cache
        flush support to mitigate L1TF (CVE-2018-3646)
        - New Microcodes:
          sig 0x000206e6, pf_mask 0x04, 2018-05-15, rev 0x000d, size 9216
          sig 0x000506c2, pf_mask 0x01, 2018-05-11, rev 0x0014, size 15360
          sig 0x000506ca, pf_mask 0x03, 2018-05-11, rev 0x000c, size 14336
          sig 0x000506f1, pf_mask 0x01, 2018-05-11, rev 0x0024, size 10240
        - Updated Microcodes:
          sig 0x000106a5, pf_mask 0x03, 2018-05-11, rev 0x001d, size 12288
          sig 0x000106e5, pf_mask 0x13, 2018-05-08, rev 0x000a, size 9216
          sig 0x00020652, pf_mask 0x12, 2018-05-08, rev 0x0011, size 9216
          sig 0x00020655, pf_mask 0x92, 2018-04-23, rev 0x0007, size 4096
          sig 0x000206a7, pf_mask 0x12, 2018-04-10, rev 0x002e, size 12288
          sig 0x000206f2, pf_mask 0x05, 2018-05-16, rev 0x003b, size 14336
          sig 0x000306a9, pf_mask 0x12, 2018-04-10, rev 0x0020, size 13312
          sig 0x000306c3, pf_mask 0x32, 2018-04-02, rev 0x0025, size 23552
          sig 0x000306d4, pf_mask 0xc0, 2018-03-22, rev 0x002b, size 18432
          sig 0x00040651, pf_mask 0x72, 2018-04-02, rev 0x0024, size 22528
          sig 0x00040661, pf_mask 0x32, 2018-04-02, rev 0x001a, size 25600
          sig 0x00040671, pf_mask 0x22, 2018-04-03, rev 0x001e, size 13312
          sig 0x000406e3, pf_mask 0xc0, 2018-04-17, rev 0x00c6, size 99328
          sig 0x00050662, pf_mask 0x10, 2018-05-25, rev 0x0017, size 31744
          sig 0x00050663, pf_mask 0x10, 2018-04-20, rev 0x7000013, size 22528
          sig 0x00050664, pf_mask 0x10, 2018-04-20, rev 0xf000012, size 22528
          sig 0x000506c9, pf_mask 0x03, 2018-05-11, rev 0x0032, size 16384
          sig 0x000506e3, pf_mask 0x36, 2018-04-17, rev 0x00c6, size 99328
          sig 0x000706a1, pf_mask 0x01, 2018-05-22, rev 0x0028, size 73728
          sig 0x000806e9, pf_mask 0xc0, 2018-03-24, rev 0x008e, size 98304
          sig 0x000806ea, pf_mask 0xc0, 2018-05-15, rev 0x0096, size 98304
          sig 0x000906e9, pf_mask 0x2a, 2018-03-24, rev 0x008e, size 98304
          sig 0x000906ea, pf_mask 0x22, 2018-05-02, rev 0x0096, size 97280
          sig 0x000906eb, pf_mask 0x02, 2018-03-24, rev 0x008e, size 98304
        - Added back upstream but blacklisted by packaging due to the issues
          around addressing Intel SA-00030:
          sig 0x000206c2, pf_mask 0x03, 2018-05-08, rev 0x001f, size 11264
      * Remaining changes from Debian:
        - debian/initramfs.hook: Default to early instead of auto, and
          install all of the microcode, not just the one matching the
          current CPU, if MODULES=most is set in the initramfs-tools config
    
    intel-microcode (3.20180703.2ubuntu1) cosmic; urgency=low
    
      * Merge from Debian unstable (LP: #1783385).  Remaining changes:
        - debian/initramfs.hook: Default to early instead of auto, and
          install all of the microcode, not just the one matching the
          current CPU, if MODULES=most is set in the initramfs-tools config
    
    intel-microcode (3.20180703.2) unstable; urgency=medium
    
      * source: fix badly named symlink that resulted in most microcode
        updates not being shipped in the binary package.  Oops!
    
    intel-microcode (3.20180703.1) unstable; urgency=medium
    
      * New upstream microcode data file 20180703 (closes: #903018)
        + Updated Microcodes:
          sig 0x000206d6, pf_mask 0x6d, 2018-05-08, rev 0x061d, size 18432
          sig 0x000206d7, pf_mask 0x6d, 2018-05-08, rev 0x0714, size 19456
          sig 0x000306e4, pf_mask 0xed, 2018-04-25, rev 0x042d, size 15360
          sig 0x000306e7, pf_mask 0xed, 2018-04-25, rev 0x0714, size 17408
          sig 0x000306f2, pf_mask 0x6f, 2018-04-20, rev 0x003d, size 33792
          sig 0x000306f4, pf_mask 0x80, 2018-04-20, rev 0x0012, size 17408
          sig 0x000406f1, pf_mask 0xef, 2018-04-19, rev 0xb00002e, size 28672
          sig 0x00050654, pf_mask 0xb7, 2018-05-15, rev 0x200004d, size 31744
          sig 0x00050665, pf_mask 0x10, 2018-04-20, rev 0xe00000a, size 18432
        + First batch of fixes for: Intel SA-00115, CVE-2018-3639, CVE-2018-3640
        + SSBD support (Spectre-v4 mitigation) and fix Spectre-v3a for:
          Sandybridge server, Ivy Bridge server, Haswell server, Skylake server,
          Broadwell server, a few HEDT Core i7/i9 models that are actually gimped
          server dies.
      * source: update symlinks to reflect id of the latest release, 20180703
    
     -- Steve Beattie <email address hidden>  Fri, 24 Aug 2018 11:05:52 -0700
  • intel-microcode (3.20180425.1~ubuntu0.16.04.2) xenial; urgency=medium
    
      * Default to early instead of auto, and install all of the microcode,
        not just the one matching the current CPU, if MODULES=most is set
        in the initramfs-tools config (LP: #1778738)
    
     -- Julian Andres Klode <email address hidden>  Tue, 26 Jun 2018 16:31:30 +0200
  • intel-microcode (3.20180425.1~ubuntu0.16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode data file 20180425 to
        provide IBRS/IBPB/STIBP microcode support for Spectre variant 2 mitigation
        for Pentium Silver N/J5xxx, Celeron N/J4xxx (sig 0x000706a1) and
        Xeon E5/E7 v4; Core i7-69xx/68xx (sig 0x000406f1) (LP: #1769043)
        - merge from Debian.
    
    intel-microcode (3.20180425.1) unstable; urgency=medium
    
      * New upstream microcode data file 20180425 (closes: #897443, #895878)
        + Updated Microcodes:
          sig 0x000406f1, pf_mask 0xef, 2018-03-21, rev 0xb00002c, size 27648
          sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728
        + Implements IBRS/IBPB/STIPB support, Spectre-v2 mitigation
        + Note that sig 0x000604f1 has been blacklisted from late-loading
          since Debian release 3.20171117.1.
      * source: remove undesired list files from microcode directories
      * source: switch to microcode-<id>.d/ since Intel dropped .dat
        support.
    
     -- Steve Beattie <email address hidden>  Thu, 03 May 2018 12:45:47 -0700
  • intel-microcode (3.20180312.0~ubuntu16.04.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: New upstream microcode data file 20180312 to provide
        IBRS/IBPB/STIBP microcode support for Spectre variant 2 mitigation
        - New Microcodes:
          sig 0x00050653, pf mask 0x97, 2018-01-29, rev 0x1000140, size 30720
          sig 0x00050665, pf mask 0x10, 2018-01-22, rev 0xe000009, size 18432
        - Updated Microcodes:
          sig 0x000206a7, pf mask 0x12, 2018-02-07, rev 0x002d, size 12288
          sig 0x000206d6, pf mask 0x6d, 2018-01-30, rev 0x061c, size 18432
          sig 0x000206d7, pf mask 0x6d, 2018-01-26, rev 0x0713, size 19456
          sig 0x000306a9, pf mask 0x12, 2018-02-07, rev 0x001f, size 13312
          sig 0x000306c3, pf mask 0x32, 2018-01-21, rev 0x0024, size 23552
          sig 0x000306d4, pf mask 0xc0, 2018-01-18, rev 0x002a, size 18432
          sig 0x000306e4, pf mask 0xed, 2018-01-25, rev 0x042c, size 15360
          sig 0x000306e7, pf mask 0xed, 2018-02-16, rev 0x0713, size 16384
          sig 0x000306f2, pf mask 0x6f, 2018-01-19, rev 0x003c, size 33792
          sig 0x000306f4, pf mask 0x80, 2018-01-22, rev 0x0011, size 17408
          sig 0x00040651, pf mask 0x72, 2018-01-18, rev 0x0023, size 21504
          sig 0x00040661, pf mask 0x32, 2018-01-21, rev 0x0019, size 25600
          sig 0x00040671, pf mask 0x22, 2018-01-21, rev 0x001d, size 12288
          sig 0x000406e3, pf mask 0xc0, 2017-11-16, rev 0x00c2, size 99328
          sig 0x00050654, pf mask 0xb7, 2018-01-26, rev 0x2000043, size 28672
          sig 0x00050662, pf mask 0x10, 2018-01-22, rev 0x0015, size 31744
          sig 0x00050663, pf mask 0x10, 2018-01-22, rev 0x7000012, size 22528
          sig 0x00050664, pf mask 0x10, 2018-01-22, rev 0xf000011, size 22528
          sig 0x000506e3, pf mask 0x36, 2017-11-16, rev 0x00c2, size 99328
          sig 0x000806e9, pf mask 0xc0, 2018-01-21, rev 0x0084, size 98304
          sig 0x000806ea, pf mask 0xc0, 2018-01-21, rev 0x0084, size 97280
          sig 0x000906e9, pf mask 0x2a, 2018-01-21, rev 0x0084, size 98304
          sig 0x000906ea, pf mask 0x22, 2018-01-21, rev 0x0084, size 96256
          sig 0x000906eb, pf mask 0x02, 2018-01-21, rev 0x0084, size 98304
        - CVE-2017-5715
    
     -- Tyler Hicks <email address hidden>  Tue, 13 Mar 2018 20:10:18 +0000
  • intel-microcode (3.20180108.0+really20170707ubuntu16.04.1) xenial-security; urgency=medium
    
      * Revert to 20170707 version of microcode because of regressions on
        certain hardware. (LP: #1742933)
    
     -- Marc Deslauriers <email address hidden>  Mon, 22 Jan 2018 07:19:36 -0500
  • intel-microcode (3.20180108.0~ubuntu16.04.2) xenial-security; urgency=medium
    
      * New upstream microcode datafile 20180108
        + New Microcodes:
          sig 0x000506c9, pf_mask 0x03, 2017-03-25, rev 0x002c, size 16384
          sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728
          sig 0x000906ea, pf_mask 0x22, 2018-01-04, rev 0x0080, size 97280
          sig 0x000906eb, pf_mask 0x02, 2018-01-04, rev 0x0080, size 98304
        + Updated Microcodes:
          sig 0x000306c3, pf_mask 0x32, 2017-11-20, rev 0x0023, size 23552
          sig 0x000306d4, pf_mask 0xc0, 2017-11-17, rev 0x0028, size 18432
          sig 0x000306e4, pf_mask 0xed, 2017-12-01, rev 0x042a, size 15360
          sig 0x000306f2, pf_mask 0x6f, 2017-11-17, rev 0x003b, size 33792
          sig 0x000306f4, pf_mask 0x80, 2017-11-17, rev 0x0010, size 17408
          sig 0x00040651, pf_mask 0x72, 2017-11-20, rev 0x0021, size 22528
          sig 0x00040661, pf_mask 0x32, 2017-11-20, rev 0x0018, size 25600
          sig 0x00040671, pf_mask 0x22, 2017-11-17, rev 0x001b, size 13312
          sig 0x000406e3, pf_mask 0xc0, 2017-11-16, rev 0x00c2, size 99328
          sig 0x00050654, pf_mask 0xb7, 2017-12-08, rev 0x200003c, size 27648
          sig 0x00050662, pf_mask 0x10, 2017-12-16, rev 0x0014, size 31744
          sig 0x00050663, pf_mask 0x10, 2017-12-16, rev 0x7000011, size 22528
          sig 0x000506e3, pf_mask 0x36, 2017-11-16, rev 0x00c2, size 99328
          sig 0x000806e9, pf_mask 0xc0, 2018-01-04, rev 0x0080, size 98304
          sig 0x000806ea, pf_mask 0xc0, 2018-01-04, rev 0x0080, size 98304
          sig 0x000906e9, pf_mask 0x2a, 2018-01-04, rev 0x0080, size 98304
       * source: remove unneeded intel-ucode/ directory
       * source: remove superseded upstream data file: 20170707
    
     -- Marc Deslauriers <email address hidden>  Tue, 09 Jan 2018 13:28:52 -0500
  • intel-microcode (3.20170707.1~ubuntu16.04.0) xenial; urgency=medium
    
      * Sync of new upstream microcode release to address Skylake, Kaby Lake
        Hyper Threading bug.  This is a sync of the dat files from artful
        version 3.20170707.1 (LP: #1700373)
      * New upstream microcode datafile 20170707
        + New Microcodes:
          sig 0x00050654, pf_mask 0x97, 2017-06-01, rev 0x2000022, size 25600
          sig 0x000806e9, pf_mask 0xc0, 2017-04-27, rev 0x0062, size 97280
          sig 0x000806ea, pf_mask 0xc0, 2017-05-23, rev 0x0066, size 95232
          sig 0x000906e9, pf_mask 0x2a, 2017-04-06, rev 0x005e, size 97280
        + This release fixes the nightmare-level errata SKZ7/SKW144/SKL150/
          SKX150 (Skylake) KBL095/KBW095 (Kaby Lake) for all affected Kaby
          Lake and Skylake processors: Skylake D0/R0 were fixed since the
          previous upstream release (20170511).  This new release adds the
          fixes for Kaby Lake Y0/B0/H0 and Skylake H0 (Skylake-E/X).
        + Fix undisclosed errata in Skylake H0 (0x50654), Kaby Lake Y0
          (0x806ea), Kaby Lake H0 (0x806e9), Kaby Lake B0 (0x906e9)
      * source: removed superseded upstream dat files: 20101123, 20151106
        This brings dat files in sync with those shipped in Arful.
      * Updated Intel changelog to reflect dat file sync.
    
     -- Dave Chiluk <email address hidden>  Wed, 12 Jul 2017 21:46:36 -0500
  • intel-microcode (3.20151106.1) unstable; urgency=medium
    
      * New upstream microcode data file 20151106
        + New Microcodes:
          sig 0x000306f4, pf mask 0x80, 2015-07-17, rev 0x0009, size 14336
          sig 0x00040671, pf mask 0x22, 2015-08-03, rev 0x0013, size 11264
        + Updated Microcodes:
          sig 0x000306a9, pf mask 0x12, 2015-02-26, rev 0x001c, size 12288
          sig 0x000306c3, pf mask 0x32, 2015-08-13, rev 0x001e, size 21504
          sig 0x000306d4, pf mask 0xc0, 2015-09-11, rev 0x0022, size 16384
          sig 0x000306f2, pf mask 0x6f, 2015-08-10, rev 0x0036, size 30720
          sig 0x00040651, pf mask 0x72, 2015-08-13, rev 0x001d, size 20480
        * This massive Haswell + Broadwell (and related Xeons) update fixes
          several critical errata, including the high-hitting BDD86/BDM101/
          HSM153(?) which triggers an MCE and locks the processor core
          (LP: #1509764)
        * Might fix critical errata BDD51, BDM53 (TSX-related)
      * source: remove superseded upstream data file: 20150121
      * Add support for supplementary microcode bundles:
        + README.source: update and mention supplementary microcode
        + Makefile: support supplementary microcode
          Add support for supplementary microcode bundles, which (unlike .fw
          microcode override files) can be superseded by a higher revision
          microcode from the latest regular microcode bundle.  Also, fix the
          "oldies" target to have its own exclude filter (IUC_OLDIES_EXCLUDE)
      * Add support for x32 arch:
        + README.source: mention x32
        + control,rules: enable building on x32 arch (Closes: #777356)
      * ucode-blacklist: add Broadwell and Haswell-E signatures
        Add a missing signature for Haswell Refresh (Haswell-E) to the "must
        be updated only by the early microcode update driver" list.  There is
        at least one report of one of the Broadwell microcode updates disabling
        TSX-NI, so add them as well just in case
    
     -- Henrique de Moraes Holschuh <email address hidden>  Mon, 09 Nov 2015 23:07:32 -0200
  • intel-microcode (3.20150121.1) unstable; urgency=critical
    
    
      * New upstream microcode data file 20150121
        * Downgraded microcodes (to a previously shipped revision):
          sig 0x000306f2, pf mask 0x6f, 2014-09-03, rev 0x0029, size 28672
        * The microcode downgrade fixes a very nasty regression on Xeon E5v3
          processors (closes: #776431)
      * critical urgency: the broken sig 0x306f2, rev 0x2b microcode shipped
        in release 20150107 caused CPU core hangs and Linux boot failures.
        The upstream fix was to downgrade it to the same microcode revision
        that was shipped in release 20140913
      * source: remove superseded upstream data file: 20150107.
      * initramfs.hook: do not mix arrays and lists.
        Avoid echo "foo $@", use echo "foo $*" instead.  This is unlikely
        to be expĺoitable, but it makes ShellCheck happier.
    
     -- Henrique de Moraes Holschuh <email address hidden>  Wed, 28 Jan 2015 20:03:20 -0200