Bug#1043305: marked as done (intel-microcode: CVE-2022-40982 CVE-2022-41804 CVE-2023-23908)

Tue, 08 Aug 2023 16:24:14 -0700 

Your message dated Tue, 08 Aug 2023 23:20:33 +0000
with message-id <e1qtw09-005ijb...@fasolo.debian.org>
and subject line Bug#1043305: fixed in intel-microcode 3.20230808.1
has caused the Debian Bug report #1043305,
regarding intel-microcode: CVE-2022-40982 CVE-2022-41804 CVE-2023-23908
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1043305: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: intel-microcode
Version: 3.20230512.1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Control: found -1 3.20220510.1~deb11u1
Control: found -1 3.20230214.1~deb11u1

Hi,

The following vulnerabilities were published for intel-microcode.

CVE-2022-40982[0], CVE-2022-41804[1] and CVE-2023-23908[2].


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2022-40982
    https://www.cve.org/CVERecord?id=CVE-2022-40982
    
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html
[1] https://security-tracker.debian.org/tracker/CVE-2022-41804
    https://www.cve.org/CVERecord?id=CVE-2022-41804
    
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html
[2] https://security-tracker.debian.org/tracker/CVE-2023-23908
    https://www.cve.org/CVERecord?id=CVE-2023-23908
    
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html
[3] 
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20230808

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message --- 
Source: intel-microcode
Source-Version: 3.20230808.1
Done: Henrique de Moraes Holschuh <h...@debian.org>

We believe that the bug you reported is fixed in the latest version of
intel-microcode, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1043...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Henrique de Moraes Holschuh <h...@debian.org> (supplier of updated 
intel-microcode package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 08 Aug 2023 17:25:56 -0300
Source: intel-microcode
Architecture: source
Version: 3.20230808.1
Distribution: unstable
Urgency: high
Maintainer: Henrique de Moraes Holschuh <h...@debian.org>
Changed-By: Henrique de Moraes Holschuh <h...@debian.org>
Closes: 1043305
Changes:
 intel-microcode (3.20230808.1) unstable; urgency=high
 .
   * New upstream microcode datafile 20230808 (closes: #1043305)
     Mitigations for "Downfall" INTEL-SA-00828 (CVE-2022-40982),
     INTEL-SA-00836 (CVE-2023-23908) and INTEL-SA-00837 (CVE-2022-41804)
     * Updated microcodes:
       sig 0x00050653, pf_mask 0x97, 2023-03-23, rev 0x1000181, size 36864
       sig 0x00050654, pf_mask 0xb7, 2023-03-06, rev 0x2007006, size 44032
       sig 0x00050656, pf_mask 0xbf, 2023-03-17, rev 0x4003604, size 38912
       sig 0x00050657, pf_mask 0xbf, 2023-03-17, rev 0x5003604, size 38912
       sig 0x0005065b, pf_mask 0xbf, 2023-03-21, rev 0x7002703, size 30720
       sig 0x000606a6, pf_mask 0x87, 2023-03-30, rev 0xd0003a5, size 297984
       sig 0x000706e5, pf_mask 0x80, 2023-02-26, rev 0x00bc, size 113664
       sig 0x000806c1, pf_mask 0x80, 2023-02-27, rev 0x00ac, size 111616
       sig 0x000806c2, pf_mask 0xc2, 2023-02-27, rev 0x002c, size 98304
       sig 0x000806d1, pf_mask 0xc2, 2023-02-27, rev 0x0046, size 103424
       sig 0x000806e9, pf_mask 0xc0, 2023-02-22, rev 0x00f4, size 106496
       sig 0x000806e9, pf_mask 0x10, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806ea, pf_mask 0xc0, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000806eb, pf_mask 0xd0, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000806ec, pf_mask 0x94, 2023-02-26, rev 0x00f8, size 106496
       sig 0x000806f8, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1, size 572416
       sig 0x000806f7, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f6, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f5, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f4, pf_mask 0x87, 2023-05-09, rev 0x2b0004b1
       sig 0x000806f8, pf_mask 0x10, 2023-05-15, rev 0x2c000271, size 605184
       sig 0x000806f6, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f5, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x000806f4, pf_mask 0x10, 2023-05-15, rev 0x2c000271
       sig 0x00090672, pf_mask 0x07, 2023-04-18, rev 0x002e, size 220160
       sig 0x00090675, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f2, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000b06f5, pf_mask 0x07, 2023-04-18, rev 0x002e
       sig 0x000906a3, pf_mask 0x80, 2023-04-18, rev 0x042c, size 219136
       sig 0x000906a4, pf_mask 0x80, 2023-04-18, rev 0x042c
       sig 0x000906e9, pf_mask 0x2a, 2023-02-23, rev 0x00f4, size 108544
       sig 0x000906ea, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 104448
       sig 0x000906eb, pf_mask 0x02, 2023-02-23, rev 0x00f4, size 106496
       sig 0x000906ec, pf_mask 0x22, 2023-02-23, rev 0x00f4, size 105472
       sig 0x000906ed, pf_mask 0x22, 2023-02-27, rev 0x00fa, size 106496
       sig 0x000a0652, pf_mask 0x20, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0653, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0655, pf_mask 0x22, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0660, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 97280
       sig 0x000a0661, pf_mask 0x80, 2023-02-23, rev 0x00f8, size 96256
       sig 0x000a0671, pf_mask 0x02, 2023-02-26, rev 0x0059, size 104448
       sig 0x000b0671, pf_mask 0x32, 2023-06-06, rev 0x0119, size 210944
       sig 0x000b06a2, pf_mask 0xe0, 2023-06-06, rev 0x4119, size 216064
       sig 0x000b06a3, pf_mask 0xe0, 2023-06-06, rev 0x4119
       sig 0x000b06e0, pf_mask 0x11, 2023-04-12, rev 0x0011, size 136192
   * source: update symlinks to reflect id of the latest release, 20230808
Checksums-Sha1:
 caa0c27b67d334b5eca7dfd7acc650f24e0d28d5 1798 intel-microcode_3.20230808.1.dsc
 337140bd6df6661ca1674a060d4040fe2330fe56 7184356 
intel-microcode_3.20230808.1.tar.xz
 303e51932a7de92215dcc33e15e14f2961c48dc1 6571 
intel-microcode_3.20230808.1_amd64.buildinfo
Checksums-Sha256:
 27f4653beb8f43e5e5fd916ee20cb93857460472c9415ba3aeedc18f9258a259 1798 
intel-microcode_3.20230808.1.dsc
 29e77c275b3f60a691832c0844f70effbd94a4594d04af21e0c2e6e0c1ac1894 7184356 
intel-microcode_3.20230808.1.tar.xz
 b6df2d1ed2b485f39534f95df520798ae1762841ae6f9ebca82beef29e98e9e5 6571 
intel-microcode_3.20230808.1_amd64.buildinfo
Files:
 cabb17a00075dcddc69aa274a2e73cfa 1798 non-free-firmware/admin standard 
intel-microcode_3.20230808.1.dsc
 3ca6fb74f6827d01d17e1b3ccdcd18a5 7184356 non-free-firmware/admin standard 
intel-microcode_3.20230808.1.tar.xz
 9d0e4a45fd88c8ac6568ea32b03521fb 6571 non-free-firmware/admin standard 
intel-microcode_3.20230808.1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEIXEYtQeAQUHyKjs9TkVcVzAplOQFAmTSydYACgkQTkVcVzAp
lORBlw/8CAelr2E6sg3CGu2K/csKdM/EJWOqx1EKsUPFW7+Ng7ZIhxVsHlkJliBa
K/a957QtF1c54jIDDFvx6H+6IWPSplPuFYygnRLSGTSp+mVqDSRfeQhnVdrj9pYf
c8JoloByoEmEkjTw5PsWso5xU8k4P6D7+84ROaVt6hORl1cZ35ffY/08sH7GWvig
W3ovq7gVqINnwuS3l7x6lyXTv6r9kTtEjPj071eZiSYGECc9x6OeKlFjYGtMLN5h
OK7GznoroeX2sHwptRXB0P3fIumI1O5Hb02e1xmVb/cofio/btootOMxkNXRqPGB
Us/3zZlBb5OliudDNN2ozEMuVerudr1AjHolV6qi/gupCkDusdCYDePxB4snxh1a
rEJxchFHkYNr5nV189yWga4aRSho0cKm0CVcUnud3Rsm86lbk8B0PHXlgb+1RUIZ
gA0DB3Jo6WjVTFi/TAnviEjj1pA22OTckDZTaLFHItbhl8s/I2ATmuCrOY5yMQrO
Vyp/1w1Sdxf41tiHEpjVs0UputwDq61AYOY1C3mrqjO/HbWVrruhRHtWmbNbylQY
XGyM1boSWwJFqzxg8PmHrR/N4u02IaUSTF+rkkhEYP+771CYMV0NDWW8gZ9I8tbt
4f6CLrcMHBUmh7g95Z7MbX1ymkAFeAyR7WwJ8zpv/TMjkVPYmy8=
=RXRQ
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to