generated from sig_core/wiki-template
Deployed d719891
with MkDocs version: 1.5.3
This commit is contained in:
parent
283f5a3980
commit
1b82790b63
12
index.html
12
index.html
@ -353,6 +353,13 @@
|
||||
Extra packages (currently only for EL9)
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="#override-packages-for-el8-and-el9" class="md-nav__link">
|
||||
Override packages (for EL8 and EL9)
|
||||
</a>
|
||||
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
@ -733,10 +740,13 @@
|
||||
<ul>
|
||||
<li><a href="packages/hardened_malloc/">hardened_malloc</a> (Security-focused memory allocator providing the malloc API, and a script to preload it into existing program binaries)</li>
|
||||
</ul>
|
||||
<h3 id="override-packages-for-el8-and-el9">Override packages (for EL8 and EL9)<a class="headerlink" href="#override-packages-for-el8-and-el9" title="Permanent link">¶</a></h3>
|
||||
<ul>
|
||||
<li><a href="packages/microcode_ctl/">microcode_ctl</a> (updates Intel CPU microcode to microcode-20231114, which fixes <a href="issues/CVE-2023-23583/">CVE-2023-23583</a>)</li>
|
||||
</ul>
|
||||
<h3 id="override-packages-currently-only-for-el9">Override packages (currently only for EL9)<a class="headerlink" href="#override-packages-currently-only-for-el9" title="Permanent link">¶</a></h3>
|
||||
<ul>
|
||||
<li><a href="packages/glibc/">glibc</a> (adds many security-hardening changes originating from Owl and ALT Linux on top of EL package)</li>
|
||||
<li><a href="packages/microcode_ctl/">microcode_ctl</a> (updates Intel CPU microcode to microcode-20231114, which fixes <a href="issues/CVE-2023-23583/">CVE-2023-23583</a>)</li>
|
||||
<li><a href="packages/openssh/">openssh</a> (fewer shared libraries exposed in sshd processes while otherwise fully matching EL package's functionality)</li>
|
||||
</ul>
|
||||
<p>The changes are described in more detail on the per-package wiki pages linked above, as well as in the package changelogs.
|
||||
|
@ -651,18 +651,18 @@
|
||||
<ul>
|
||||
<li>Fixed in version: <code>4:20231114-1.el9_2.security</code> available November 15, 2023</li>
|
||||
</ul>
|
||||
<p>Please refer to our <a href="../../packages/microcode_ctl/">override package of microcode_ctl</a>.</p>
|
||||
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">¶</a></h2>
|
||||
<ul>
|
||||
<li>Not fixed yet, will fix.</li>
|
||||
<li>Fixed in version <code>4:20230808-2.20231009.1.el8.security</code> available November 16, 2023</li>
|
||||
</ul>
|
||||
<p>Please refer to our <a href="../../packages/microcode_ctl/">override package of microcode_ctl</a>.</p>
|
||||
|
||||
<hr>
|
||||
<div class="md-source-file">
|
||||
<small>
|
||||
|
||||
Last update:
|
||||
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
|
||||
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 16, 2023</span>
|
||||
|
||||
|
||||
</small>
|
||||
|
@ -534,7 +534,14 @@
|
||||
EL9
|
||||
</a>
|
||||
|
||||
<nav class="md-nav" aria-label="EL9">
|
||||
</li>
|
||||
|
||||
<li class="md-nav__item">
|
||||
<a href="#el8" class="md-nav__link">
|
||||
EL8
|
||||
</a>
|
||||
|
||||
<nav class="md-nav" aria-label="EL8">
|
||||
<ul class="md-nav__list">
|
||||
|
||||
<li class="md-nav__item">
|
||||
@ -639,13 +646,21 @@
|
||||
<h2 id="el9">EL9<a class="headerlink" href="#el9" title="Permanent link">¶</a></h2>
|
||||
<ul>
|
||||
<li>Version <code>4:20231114-1.el9_2.security</code></li>
|
||||
<li>Based on <code>4:20230808-2</code></li>
|
||||
<li>Based on <code>4:20230808-2.el9</code></li>
|
||||
</ul>
|
||||
<p>This is our custom revision of a post-9.2 EL9 package. We use Intel's latest released microcode.</p>
|
||||
<h2 id="el8">EL8<a class="headerlink" href="#el8" title="Permanent link">¶</a></h2>
|
||||
<ul>
|
||||
<li>Version <code>4:20230808-2.20231009.1.el8.security</code></li>
|
||||
<li>Based on <code>4:20230808-2.20231009.1.el8</code></li>
|
||||
</ul>
|
||||
<p>This is a rebuild of the 8.9 package as-is to make it available for 8.8. It uses Intel's fixed microcode revision that was provided to distros privately in preparation for the coordinated disclosure.</p>
|
||||
<h3 id="changes-summary">Changes summary<a class="headerlink" href="#changes-summary" title="Permanent link">¶</a></h3>
|
||||
<ul>
|
||||
<li>Update Intel CPU microcode to microcode-20231114 (fixes <a href="../../issues/CVE-2023-23583/">CVE-2023-23583</a>), temporarily dropping most documentation patches</li>
|
||||
<li>Update Intel CPU microcode to fix <a href="../../issues/CVE-2023-23583/">CVE-2023-23583</a>, temporarily dropping most documentation patches</li>
|
||||
</ul>
|
||||
<h3 id="change-log">Change log<a class="headerlink" href="#change-log" title="Permanent link">¶</a></h3>
|
||||
<p>For EL9:</p>
|
||||
<div class="highlight"><pre><span></span><code>* Tue Nov 14 2023 Solar Designer <solar@openwall.com> - 4:20231114-1
|
||||
- Update Intel CPU microcode to microcode-20231114 (fixes CVE-2023-23583),
|
||||
temporarily dropping most documentation patches
|
||||
@ -656,7 +671,7 @@
|
||||
<small>
|
||||
|
||||
Last update:
|
||||
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 15, 2023</span>
|
||||
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-date">November 16, 2023</span>
|
||||
|
||||
|
||||
</small>
|
||||
|
File diff suppressed because one or more lines are too long
BIN
sitemap.xml.gz
BIN
sitemap.xml.gz
Binary file not shown.
Loading…
Reference in New Issue
Block a user