add information about Intel Special Register Buffer Data Sampling Advisory.
thanks sbruno we got such a quick fix.
Created attachment 215478 [details]
patch for vuxml
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/160645503
can you have a look at this? Is this relevant?
Well, its definitely relevant, but is way outside of my knowledge areas.
If you're asking if this should be patched into VUXML, that's a secteam question IMO. I can't tell if there's any version of microcode that fixes the issues linked in the update.
(In reply to Sean Bruno from comment #4)
Good point, Sean. We are going to continue having a hard time verifying if a microcode update actually fixes a problem for good.
However, we can say for certain that devcpu-data before the given version number definitely contains the issue. Hence, it should be documented in vuxml, otherwise pkg audit won't show any known CVEs for earlier versions of the port.
A commit references this bug:
Date: Mon Dec 28 13:15:59 UTC 2020
New revision: 559468
Document CVE-2020-0543 for Intel CPUs.
Submitted by: email@example.com