-
amd64-microcode (1.20160316.1) oldstable; urgency=critical
* Upstream release 20160316 built from linux-firmware:
+ Updated Microcodes:
sig 0x00600f20, patch id 0x0600084f, 2016-01-25
+ This microcode updates fixes a critical erratum on NMI handling
introduced by microcode patch id 0x6000832 from the 20141028 update.
The erratum is also present on microcode patch id 0x6000836.
+ THIS IS A CRITICAL STABILITY AND SECURITY UPDATE FOR THE EARLIER
AMD PILEDRIVER PROCESSORS, including:
+ AMD Opteron 3300, 4300, 6300
+ AMD FX "Vishera" (43xx, 63xx, 83xx, 93xx, 95xx)
+ AMD processors with family 21, model 2, stepping 0
* Robert Święcki, while fuzzing the kernel using the syzkaller tool,
uncovered very strange behavior on an AMD FX-8320, later reproduced on
other AMD Piledriver model 2, stepping 0 processors including the Opteron
6300. Robert discovered, using his proof-of-concept exploit code, that
the incorrect behavior allows an unpriviledged attacker on an unpriviledged
VM to corrupt the return stack of the host kernel's NMI handler. At best,
this results in unpredictable host behavior. At worst, it allows for an
unpriviledged user on unpriviledged VM to carry a sucessful host-kernel
ring 0 code injection attack.
* The erratum is timing-dependant, easily triggered by workloads that
cause a high number of NMIs, such as running the "perf" tool.
-- Henrique de Moraes Holschuh <email address hidden> Sat, 19 Mar 2016 19:10:20 -0300
-
amd64-microcode (1.20141028.1) stable; urgency=medium
* Upstream release 20141028 built from linux-firmware
+ Updated microcode patches for family 0x15 processors
+ Added microcode patches for family 0x16 processors
* AMD did not update the relevant microcode documentation (errata fixed,
microcode patch levels, etc) for the 20141028 release, so there is no
documentation for the family 0x16 microcode patches, and the
documentation for the family 0x15 microcode patches is stale.
* Upstream release 20131007 built from linux-firmware
+ updated microcode:
sig 0x00500F10, id 0x05000029: erratum (+) 784;
sig 0x00500F20, id 0x05000119: erratum (+) 784;
sig 0x00600F12, id 0x0600063D: errata (-) 668, (+) 759, 778;
+ new microcode:
sig 0x00200F31, id 0x02000032: errata 311, 316;
sig 0x00600F20, id 0x06000822: errata 691, 699, 704, 708, 709, 734,
740, 778;
+ This update fixes important processor bugs that cause data corruption
or unpredictable system behaviour. It also fixes a performance issue
and several issues that cause system lockup.
* Switch to native package, since there is no upstream tarball
* debian/copyright: update upstream URL (Closes: #753593)
* debian/copyright: update with new license
* debian/install: all _fam microcode files for install
* docs: use glob pattern for _fam* README
* control: remove homepage and update standards-version
-- Henrique de Moraes Holschuh <email address hidden> Tue, 20 Jan 2015 11:05:40 -0200
-
amd64-microcode (1.20120910-2) unstable; urgency=medium
* initramfs: work around initramfs-tools bug #688794.
Use "_" in place of "+-." for the initramfs script name. This works
around a PANIC during boot when the initramfs was created in a system
with noexec $TMPDIR.
-- Henrique de Moraes Holschuh <email address hidden> Tue, 09 Oct 2012 08:18:01 -0300
-
amd64-microcode (1.20120910-1) unstable; urgency=medium
* AMD microcode release 20120910
+ updated microcode:
sig 0x00600F12, id 0x06000629: errata (+) 691, 709, 740;
+ new microcode:
sig 0x00610F01, id 0x06001119: errata 671, 686, 697, 698, 699, 704, 709,
734, 740;
+ This update adds critical errata fixes for commonly used features.
The hit probability of these errata is unknown to the Debian maintainer.
* README.Debian: mention module-init-tools, not just kmod. This is useful
when backporting to Debian Squeeze
* debian/control: add Vcs-* fields
-- Henrique de Moraes Holschuh <email address hidden> Fri, 14 Sep 2012 15:39:37 -0300
-
amd64-microcode (1.20120117-2) unstable; urgency=low
* debian/control: priority of this package should be standard,
not extra. All AMD-based X86 boxes should install this package
* debian/control: update package description
-- Henrique de Moraes Holschuh <email address hidden> Mon, 09 Jul 2012 21:50:35 -0300
-
amd64-microcode (0.20120117-1) unstable; urgency=medium
* AMD microcode release 20120117:
sig 0x00100F22, id 0x01000083: errata 244, 260, 280, 302, 308, 315, 342;
sig 0x00100F23, id 0x01000083: errata 244, 260, 280, 302, 308, 315, 342;
sig 0x00100F2A, id 0x01000084: errata 244, 260, 280, 302, 308, 315, 342;
sig 0x00100F42, id 0x010000DB: errata 342, 440, 573;
sig 0x00100F43, id 0x010000C8: errata 407, 440;
sig 0x00100F52, id 0x010000DB: errata 342, 440, 573;
sig 0x00100F53, id 0x010000C8: errata 407, 440;
sig 0x00100F62, id 0x010000C7: errata 407, 440;
sig 0x00100F63, id 0x010000C8: errata 407, 440;
sig 0x00100F80, id 0x010000DA: errata 419, 440, 573;
sig 0x00100F81, id 0x010000D9: errata 406, 407, 440, 573, 669;
sig 0x00100F91, id 0x010000D9: errata 406, 407, 440, 573, 669;
sig 0x00100FA0, id 0x010000DC: errata 438, 440, 573;
sig 0x00300F10, id 0x03000027: errata 564, 573, 662, 686;
sig 0x00500F10, id 0x05000028: errata 461, 564, 594, 595;
sig 0x00500F20, id 0x0500010D: errata 461, 564, 594, 639, 662, 686;
sig 0x00600F12, id 0x06000624: errata 659, 660, 661, 668, 671, 672, 673;
* Initial upload to Debian, urgency medium because we need this in Wheezy
to properly support AMD processors. Closes: #676921.
-- Henrique de Moraes Holschuh <email address hidden> Sun, 10 Jun 2012 12:22:01 -0300
