Bug#980962: buster-pu: package intel-microcode/3.20201118.1~deb10u1
On Sun, 24 Jan 2021, Henrique de Moraes Holschuh wrote:
Regressions were indeed reported (as expected). A few days ago, Intel
> published relevant information pinpointing the regression on Skylake D0
> and Skylake R0 processors to specific conditions (detailed below for
> completeness).
>
> The 3.20201118.1~deb10u1 version of the package (the one I am proposing
> for the stable update) contains changes not (yet?) in unstable to
> address the Skylake D0/R0 issue: they had their updates frozen
> to the same revision currently in Debian stable.
I better explain that in a more direct, clear way:
The reason why I want to update the package in stable is: the updated
microcode in this package have security mitigations for a few newer
speculative execution sidechannel attacks, and fix some critical
defects/"errata" on many recent processor models, *other than Skylake
R0/D0*.
The s-p-u version of the intel-microcode package I am proposing has
*less* changes than the packages currently in unstable/testing.
The microcode updates have been tested in unstable since 2020-12-27, and
in testing since 2020-01-02.
Issues with it were reported in Ubuntu and Arch Linux, for specific
system vendors and computer models (not processor models -- i.e. it does
not look like a general issue with the microcode updates) when running
outdated firmware.
A *general* microcode update issue was reported only for Skylake D0/R0.
The offending microcode changes for Skylake D0/R0 are *reverted* in this
s-p-u package.
To do that, the package keeps the microcode for these two processor
models *exactly the same* as they already are in Debian stable.
The package changes when compared to the packages currently in Debian
stable are:
1. microcode binary data (except for Skylake D0 and R0)
2. upstream documentation
3. Debian metadata (changelog, version).
Thanks!
--
Henrique Holschuh
Reply to: