[ubuntu/questing-proposed] amd64-microcode 3.20250708.1ubuntu1 (Accepted)

Rodrigo Figueiredo Zaiden rodrigo.zaiden at canonical.com
Tue Aug 19 18:57:14 UTC 2025 

amd64-microcode (3.20250708.1ubuntu1) questing; urgency=medium

  [ Rodrigo Figueiredo Zaiden ]
  * SECURITY UPDATE: Update package data from linux-firmware 20250708 (LP: #2120893)
    - Updated microcodes:
      Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820d Length=5568 bytes
      Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108109 Length=5568 bytes
      Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102e Length=5568 bytes
      Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201211 Length=5568 bytes
      Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404108 Length=5568 bytes
      Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500012 Length=5568 bytes
      Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a60120a Length=5568 bytes
      Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704108 Length=5568 bytes
      Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705208 Length=5568 bytes
      Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708008 Length=5568 bytes
      Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c008 Length=5568 bytes
    - CVE-2024-36350 (AMD-SB-7029)
      A transient execution vulnerability in some AMD processors may allow
      an attacker to infer data from previous stores, potentially resulting
      in the leakage of privileged information.
    - CVE-2024-36357 (AMD-SB-7029)
      A transient execution vulnerability in some AMD processors may allow
      an attacker to infer data in the L1D cache, potentially resulting in
      the leakage of sensitive information across privileged boundaries.
  * Remaining changes:
    - initramfs-tools hook (debian/initramfs.hook):
      + Default to 'early' instead of 'auto' when building with
        MODULES=most
      + Do not override preset defaults from auto-exported conf
        snippets loaded by initramfs-tools.

  [ Marc Deslauriers ]
  * Also Update AMD PMF TA Firmware to v3.1 to match the upstream git tag.

Date: Mon, 18 Aug 2025 22:08:22 -0300
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/amd64-microcode/3.20250708.1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 18 Aug 2025 22:08:22 -0300
Source: amd64-microcode
Built-For-Profiles: noudeb
Architecture: source
Version: 3.20250708.1ubuntu1
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
Launchpad-Bugs-Fixed: 2120893
Changes:
 amd64-microcode (3.20250708.1ubuntu1) questing; urgency=medium
 .
   [ Rodrigo Figueiredo Zaiden ]
   * SECURITY UPDATE: Update package data from linux-firmware 20250708 (LP: #2120893)
     - Updated microcodes:
       Family=0x19 Model=0x08 Stepping=0x02: Patch=0x0a00820d Length=5568 bytes
       Family=0x19 Model=0x18 Stepping=0x01: Patch=0x0a108109 Length=5568 bytes
       Family=0x19 Model=0x21 Stepping=0x00: Patch=0x0a20102e Length=5568 bytes
       Family=0x19 Model=0x21 Stepping=0x02: Patch=0x0a201211 Length=5568 bytes
       Family=0x19 Model=0x44 Stepping=0x01: Patch=0x0a404108 Length=5568 bytes
       Family=0x19 Model=0x50 Stepping=0x00: Patch=0x0a500012 Length=5568 bytes
       Family=0x19 Model=0x61 Stepping=0x02: Patch=0x0a60120a Length=5568 bytes
       Family=0x19 Model=0x74 Stepping=0x01: Patch=0x0a704108 Length=5568 bytes
       Family=0x19 Model=0x75 Stepping=0x02: Patch=0x0a705208 Length=5568 bytes
       Family=0x19 Model=0x78 Stepping=0x00: Patch=0x0a708008 Length=5568 bytes
       Family=0x19 Model=0x7c Stepping=0x00: Patch=0x0a70c008 Length=5568 bytes
     - CVE-2024-36350 (AMD-SB-7029)
       A transient execution vulnerability in some AMD processors may allow
       an attacker to infer data from previous stores, potentially resulting
       in the leakage of privileged information.
     - CVE-2024-36357 (AMD-SB-7029)
       A transient execution vulnerability in some AMD processors may allow
       an attacker to infer data in the L1D cache, potentially resulting in
       the leakage of sensitive information across privileged boundaries.
   * Remaining changes:
     - initramfs-tools hook (debian/initramfs.hook):
       + Default to 'early' instead of 'auto' when building with
         MODULES=most
       + Do not override preset defaults from auto-exported conf
         snippets loaded by initramfs-tools.
 .
   [ Marc Deslauriers ]
   * Also Update AMD PMF TA Firmware to v3.1 to match the upstream git tag.
Checksums-Sha1:
 4f703bc44e72c345c8e43e8af99b0936c7b12b46 1802 amd64-microcode_3.20250708.1ubuntu1.dsc
 53a56dcd1e3e36a46c44f1b507f6015cfe75afee 296544 amd64-microcode_3.20250708.1ubuntu1.tar.xz
 6743e785177bd72d6348101e969e5ed904d18b51 6319 amd64-microcode_3.20250708.1ubuntu1_source.buildinfo
Checksums-Sha256:
 4a4e9ff1615adb0dfd9af30735af1e596440835cb574be1035889cbb20f11398 1802 amd64-microcode_3.20250708.1ubuntu1.dsc
 3b49770da37d3bb58b43eaefaf072addf90d5b42a35c7c025cf17075db11a135 296544 amd64-microcode_3.20250708.1ubuntu1.tar.xz
 4b2707b524db152852de91aa74792e2d322734a851fbdc2715068b205f6cd14d 6319 amd64-microcode_3.20250708.1ubuntu1_source.buildinfo
Files:
 914ed046b98ac310a4dfa91cd16eda29 1802 non-free-firmware/admin standard amd64-microcode_3.20250708.1ubuntu1.dsc
 5993df8fbc7c7b6989eb908266360653 296544 non-free-firmware/admin standard amd64-microcode_3.20250708.1ubuntu1.tar.xz
 d3e987a0c9a8d44db28c523d96b7a412 6319 non-free-firmware/admin standard amd64-microcode_3.20250708.1ubuntu1_source.buildinfo
Original-Maintainer: Henrique de Moraes Holschuh <hmh at debian.org>

More information about the Questing-changes mailing list