-
iucode-tool (1.5.1-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow on -tr loader
- debian/patches/CVE-2017-0357.patch: check al in intel_microcode.c.
- CVE-2017-0357
-- Marc Deslauriers <email address hidden> Wed, 25 Jan 2017 14:03:35 -0500
-
iucode-tool (1.5.1-1) unstable; urgency=medium
* New upstream release
+ several fixes for the "downgrade mode", including one for a bug
that would cause iucode_tool to enter an infinite loop
+ document downgrade mode limitations in the manpage
+ other minor fixes
-- Henrique de Moraes Holschuh <email address hidden> Sat, 13 Feb 2016 20:21:12 -0200
-
iucode-tool (1.5-1) unstable; urgency=medium
* New upstream release
+ There is a new option to write out microcodes, capable of writing
out every revision of every microcode: --write-all-named-to. All
other write out options will only output a single revision of a
microcode
+ iucode_tool(8): fix parameter name of --write-named-to.
+ iucode_tool(8): add two examples for the recovery loader (-tr)
-- Henrique de Moraes Holschuh <email address hidden> Fri, 16 Oct 2015 23:41:35 -0300
-
iucode-tool (1.3-1) unstable; urgency=medium
* New upstream release
+ Make it safe to call iucode_tool with stdout and/or stderr closed
+ Ignore multiple attempts to read microcode data from stdin, as all
data will have been read by the first attempt
+ Document in the manpage the arbritray maximum limit of 1GiB worth of
binary data per microcode data file. The other limits are too large
to bother documenting
+ Microcode data file loader fixes and enhancements:
+ Improve IO error detection
+ Print the line number when reporting .dat parsing errors
+ Allow comments after valid data for .dat files, previously they
had to be on a line of their own
+ Rework the .dat parser to make it less convoluted, and optimize it
for the exact .dat file layout Intel has been using in the last 15
years
+ Minor build fixes
-- Henrique de Moraes Holschuh <email address hidden> Sun, 24 May 2015 19:31:23 -0300
