Sebastian Ramacher wrote: > What about the following text (adapted from the DSA)? > > The intel-firmware package contained in bullseye and released as part of
It's "intel-microcode" (eventually: <systemitem role="package">intel-microcode</systemitem>). > DSA-4934-1 is known to contain two significant bugs. For some CoffeeLake Readers unfamiliar with the way we label bugs using DSAs will find this hard to follow. Could we make it something like The intel-microcode package currently in bullseye and buster-security (see DSA-4934-1) is known to contain two significant bugs. For some CoffeeLake And if it links to https://www.debian.org/security/2021/dsa-4934 then we can also reference the instructions there. > CPUs this update may break iwlwifi ^^^^^^^ We don't want users to think "dpkg says I have no such package installed, so this can't be a problem for me". Maybe we should say "this update may break network interfaces that use firmware-iwlwifi". > (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/56) > and some for Skylake R0/D0 CPUs on systems using a very outdated ^^^^ Typo for "so"? > firmware/BIOS, the system may hang on boot: > (https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/31) > > If you held back the update from DSA-4934-1 due to any of these two ^^^^^^^^^^^^^^^^ "Either of these issues" > issues or do not have the security archive enabled, be aware that > upgrading to the intel-firwmare package in bullseye may cause your ^^^^^^^^ As above. > system to hang on boot or break iwlwifi. In that case, you can recover by > disabling microcode loading on boot (as documented in README.Debian, > also available online at > https://salsa.debian.org/hmh/intel-microcode/-/blob/master/debian/README.Debian) We could replace this with "See the instructions in the DSA (also in the intel-microcode README.Debian)". Mind you, it would be nice if that README started with "TLDR: boot with dis_ucode_ldr"! -- JBR with qualifications in linguistics, experience as a Debian sysadmin, and probably no clue about this particular package
