diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2023-07-24 22:07:56 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2023-07-25 13:30:36 +0200 |
commit | 0ac01cde033f305e11c290cbd5db0f7b80b75da9 (patch) | |
tree | c5808ebf50aa44108aa3ec9c999454e56d2cffbe /ChangeLog.rss | |
parent | 7dde293aa0b2d58d9f1eee9d1fadc6ce2224f9db (diff) | |
download | current-0ac01cde033f305e11c290cbd5db0f7b80b75da9.tar.gz current-0ac01cde033f305e11c290cbd5db0f7b80b75da9.tar.xz |
Mon Jul 24 22:07:56 UTC 202320230724220756_15.0
patches/packages/kernel-firmware-20230724_59fbffa-noarch-1.txz: Upgraded.
AMD microcode updated to fix a use-after-free in AMD Zen2 processors.
From Tavis Ormandy's annoucement of the issue:
"The practical result here is that you can spy on the registers of other
processes. No system calls or privileges are required.
It works across virtual machines and affects all operating systems.
I have written a poc for this issue that's fast enough to reconstruct
keys and passwords as users log in."
For more information, see:
https://seclists.org/oss-sec/2023/q3/59
https://www.cve.org/CVERecord?id=CVE-2023-20593
(* Security fix *)
Diffstat (limited to 'ChangeLog.rss')
-rw-r--r-- | ChangeLog.rss | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss index 0956ea022..39cf32eee 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,10 +11,32 @@ <description>Tracking Slackware development in git.</description> <language>en-us</language> <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id> - <pubDate>Mon, 24 Jul 2023 00:17:18 GMT</pubDate> - <lastBuildDate>Mon, 24 Jul 2023 11:30:21 GMT</lastBuildDate> + <pubDate>Mon, 24 Jul 2023 22:07:56 GMT</pubDate> + <lastBuildDate>Tue, 25 Jul 2023 11:30:23 GMT</lastBuildDate> <generator>maintain_current_git.sh v 1.17</generator> <item> + <title>Mon, 24 Jul 2023 22:07:56 GMT</title> + <pubDate>Mon, 24 Jul 2023 22:07:56 GMT</pubDate> + <link>https://git.slackware.nl/current/tag/?h=20230724220756</link> + <guid isPermaLink="false">20230724220756</guid> + <description> + <![CDATA[<pre> +patches/packages/kernel-firmware-20230724_59fbffa-noarch-1.txz: Upgraded. + AMD microcode updated to fix a use-after-free in AMD Zen2 processors. + From Tavis Ormandy's annoucement of the issue: + "The practical result here is that you can spy on the registers of other + processes. No system calls or privileges are required. + It works across virtual machines and affects all operating systems. + I have written a poc for this issue that's fast enough to reconstruct + keys and passwords as users log in." + For more information, see: + https://seclists.org/oss-sec/2023/q3/59 + https://www.cve.org/CVERecord?id=CVE-2023-20593 + (* Security fix *) + </pre>]]> + </description> + </item> + <item> <title>Mon, 24 Jul 2023 00:17:18 GMT</title> <pubDate>Mon, 24 Jul 2023 00:17:18 GMT</pubDate> <link>https://git.slackware.nl/current/tag/?h=20230724001718</link> |