Backporting intel-microcode to 16.04 LTS for errata fix

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Backporting intel-microcode to 16.04 LTS for errata fix

Daniel J Blueman-4
I find the intel-microcode package in Ubuntu 16.04 is heavily outdated
(3.20151106.1) leaving many Intel Skylake and Kaby Lake systems
vulnerable to incorrect program flow/state due to a processor errata
[1].

This seems like sufficient rationale to backport the package
(3.20170511.1) from Artful which carries the updated microcode to
address the errata.

What's the consensus here?

[1] https://lists.debian.org/debian-devel/2017/06/msg00308.html
--
Daniel J Blueman

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Reply | Threaded
Open this post in threaded view
|

Re: Backporting intel-microcode to 16.04 LTS for errata fix

Robie Basak-4
On Wed, Jun 28, 2017 at 05:48:27PM +0800, Daniel J Blueman wrote:
> I find the intel-microcode package in Ubuntu 16.04 is heavily outdated
> (3.20151106.1) leaving many Intel Skylake and Kaby Lake systems
> vulnerable to incorrect program flow/state due to a processor errata
> [1].

It looks like this was stuck in moderation until now. FTR, there is a
bug
https://bugs.launchpad.net/ubuntu/+source/intel-microcode/+bug/1700373
and mailing list discussion
(https://lists.ubuntu.com/archives/ubuntu-release/2017-June/004140.html)
on this.

Consensus is to update. There was discussion about _how_ to do that, but
I don't think anybody objected to the principle of issuing the updates.

--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Backporting intel-microcode to 16.04 LTS for errata fix

Luke Faraone-2
In reply to this post by Daniel J Blueman-4
On 28/06/17 02:48, Daniel J Blueman wrote:
> I find the intel-microcode package in Ubuntu 16.04 is heavily outdated
> (3.20151106.1) leaving many Intel Skylake and Kaby Lake systems
> vulnerable to incorrect program flow/state due to a processor errata
> [1].

Apologies you didn't receive a response.

However, a few days before your mail, 3.20180425.1~ubuntu0.16.04.2 was
uploaded to xenial-security. Generally, the `xenial` pocket doesn't see
updates aside from point releases — we expect people to enable -security
to get bug-fixes.

[1]: https://launchpad.net/ubuntu/xenial/+source/intel-microcode/+changelog

Cheers,
Luke Faraone


--
ubuntu-devel mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel

signature.asc (849 bytes) Download Attachment