From 080f4bd5e6b48dd0f1ee5511be54ceca3e460300 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 23 2018 20:12:32 +0000 Subject: import microcode_ctl-2.1-29.2.el7_5 --- diff --git a/.gitignore b/.gitignore index 30725e6..487117e 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/microcode_ctl-2.1-14.tar.xz +SOURCES/microcode_ctl-2.1-20180425.tar.xz diff --git a/.microcode_ctl.metadata b/.microcode_ctl.metadata index 4f97a1d..c9bd3e4 100644 --- a/.microcode_ctl.metadata +++ b/.microcode_ctl.metadata @@ -1 +1 @@ -e2508bc2b2b359fb45be6fd5595612cffaca8024 SOURCES/microcode_ctl-2.1-14.tar.xz +6571a7941864bb7bc3feee13d4c2ca40cbb8b7cb SOURCES/microcode_ctl-2.1-20180425.tar.xz diff --git a/SOURCES/disclaimer b/SOURCES/disclaimer index 8d8d7c8..13b450c 100644 --- a/SOURCES/disclaimer +++ b/SOURCES/disclaimer @@ -1,11 +1,16 @@ -This update supersedes microcode provided by Red Hat with the CVE-2017-5715 (“Spectre”) -CPU branch injection vulnerability mitigation. (HIstorically, Red Hat has provided updated -microcode, developed by our microprocessor partners, as a customer convenience.) Further -testing has uncovered problems with the microcode provided along with the “Spectre” mitigation -that could lead to system instabilities. As a result, Red Hat is providing an microcode update -that reverts to the last known good microcode version dated before 03 January 2018. -Red Hat strongly recommends that customers contact their hardware provider for the latest microcode updates. - -IMPORTANT: Customers using Intel Skylake-, Broadwell-, and Haswell-based platforms must obtain and -install updated microcode from their hardware vendor immediately. The "Spectre" mitigation requires -both an updated kernel from Red Hat and updated microcode from your hardware vendor. +This updated microcode supersedes microcode provided by Red Hat with +the CVE-2017-5715 (“Spectre”) CPU branch injection vulnerability +mitigation. +Historically, Red Hat has provided updated microcode, developed by our +microprocessor partners, as a customer convenience. Red Hat had +temporarily suspended this practice while microcode stabilized. Red +Hat is once again providing an updated Intel microcode package +(microcode_ctl) and AMD microcode package (linux-firmware) to customers +in order to simplify deployment processes and minimize downtime. We’ll +continue to update these microcode packages as necessary. Please +contact your hardware vendor to determine whether more recent +BIOS/firmware updates are recommended because additional improvements +may be available. +This kbase https://access.redhat.com/articles/3436091 includes a table +that maps Intel and AMD CPU processor code family names to updated +Intel and AMD microcode package versions. diff --git a/SPECS/microcode_ctl.spec b/SPECS/microcode_ctl.spec index c931cfb..fbdeb12 100644 --- a/SPECS/microcode_ctl.spec +++ b/SPECS/microcode_ctl.spec @@ -1,9 +1,9 @@ -%define upstream_version 2.1-14 +%define upstream_version 2.1-20180425 Summary: Tool to transform and deploy CPU microcode update for x86. Name: microcode_ctl Version: 2.1 -Release: 29%{?dist} +Release: 29.2%{?dist} Epoch: 2 Group: System Environment/Base License: GPLv2+ and Redistributable, no modification permitted @@ -88,6 +88,14 @@ rm -rf %{buildroot} %changelog +* Tue May 15 2018 Petr Oros - 2.1-29.2 +- Update disclaimer text +- Resolves: #1575570 + +* Mon May 7 2018 Petr Oros - 2.1-29.1 +- Intel CPU microcode update to 20180425. +- Resolves: #1575570 + * Fri Jan 12 2018 Petr Oros - 2.1-29 - Revert Microcode from Intel for Side Channel attack - Resolves: #1533939