security/wiki
8
0
Fork 1
generated from sig_core/wiki-template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add pages for microcode_ctl and two CVEs; edit a few things #10

Merged
neil merged 5 commits from solardiz-patch-8 into main 2023-11-15 21:58:36 +00:00
Conversation 0 Commits 5 Files Changed 4 +19
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit cf390f30fa - Show all commits

1
docs/index.md
View File

@ -46,6 +46,7 @@ Install the package with `rpm -U --nodeps`. The `--nodeps` option is needed to b
### Override packages (currently only for EL9)
- [glibc](packages/glibc.md) (adds many security-hardening changes originating from Owl and ALT Linux on top of EL package)
- [microcode_ctl](packages/microcode_ctl.md) (updates Intel CPU microcode to microcode-20231114, which fixes CVE-2023-23583)
- [openssh](packages/openssh.md) (fewer shared libraries exposed in sshd processes while otherwise fully matching EL package's functionality)
The changes are described in more detail on the per-package wiki pages linked above, as well as in the package changelogs.

18
docs/packages/microcode_ctl.md Normal file
View File

@ -0,0 +1,18 @@
# Override package: microcode_ctl
## EL9
- Version `4:20231114-1`
- Based on `4:20230808-2`
### Changes summary
- Update Intel CPU microcode to microcode-20231114 (fixes [CVE-2023-23583](https://www.openwall.com/lists/oss-security/2023/11/14/4)), temporarily dropping most documentation patches
### Change log
```
* Tue Nov 14 2023 Solar Designer <solar@openwall.com> - 4:20231114-1
- Update Intel CPU microcode to microcode-20231114 (fixes CVE-2023-23583),
temporarily dropping most documentation patches
```