Bug #15173
Upgrade Intel processor microcodes to mitigate the Spectre attack
100%
Description
This is a follow-up on Bug #15148 because we could not upgrade the Intel microcode in Tails 3.5.
Once https://bugs.debian.org/886998 is fixed we can revert commit:eab2135464682cac54ed5cfc8ef2f9e0529a9913.
Subtasks
Related issues
|
Blocked by Tails - |
Resolved | 2018-01-06 | |
|
Blocked by Tails - |
Resolved | 2018-01-30 | |
|
Blocks Tails - |
Resolved | 2017-06-29 |
History
#1 Updated by intrigeri 2018-01-16 13:40:48
- blocks
Feature #13245: Core work 2018Q1: Foundations Team added
#2 Updated by intrigeri 2018-01-16 13:40:58
- blocked by
Bug #15148: Upgrade AMD processor microcodes to mitigate the Spectre attack added
#3 Updated by intrigeri 2018-01-16 13:42:51
- Priority changed from Normal to Elevated
#4 Updated by intrigeri 2018-02-14 07:39:24
- Status changed from Confirmed to In Progress
- % Done changed from 0 to 10
- Feature Branch set to feature/15173-upgrade-intel-microcode
There’s no good enough firmware currently available with CPU support for Spectre variant 2 mitigation so in the meantime let’s upgrade to the version in stretch-backports so we:
- push the other bugfixes to our users
- are better prepared for the Spectre variant 2 mitigation once it’s ready
- minimize the change we’ll have to make when we upgrade microcode to a version that supports Spectre variant 2 mitigation (which can be useful e.g. if we do that in a Tails bugfix release)
Note to the reviewer/merger
Do not close this ticket when merging the proposed branch.
#5 Updated by intrigeri 2018-02-14 08:12:58
- blocked by
Bug #15270: devel branch FTBFS since torbrowser-launcher 0.2.9 entered sid added
#6 Updated by intrigeri 2018-02-14 09:28:10
- Assignee changed from intrigeri to bertagaz
- QA Check set to Ready for QA
Note to the reviewer/merger
When merging the proposed branch, do not close this ticket. Instead, reassign it to me for 3.7. Thanks!
#7 Updated by bertagaz 2018-02-20 09:51:09
- Assignee changed from bertagaz to intrigeri
- Target version changed from Tails_3.6 to Tails_3.7
- % Done changed from 10 to 20
- QA Check changed from Ready for QA to Dev Needed
Ok, this first part is merged congrats, reassigning as asked.
#8 Updated by intrigeri 2018-03-06 14:13:10
- QA Check deleted (
Dev Needed)
#9 Updated by intrigeri 2018-03-22 15:20:45
The fix is now in stretch-backports: 3.20180312.1~bpo9+1. But given the cautious timeline the maintainer wants wrt. upgrading in stable, let’s not rush this. I’ll check closer to 3.7 if we want to make a freeze exception for that upgrade.
#10 Updated by intrigeri 2018-03-23 10:25:25
- Priority changed from Elevated to Normal
#11 Updated by intrigeri 2018-03-28 13:33:57
- blocks
Feature #15139: Core work 2018Q2: Foundations Team added
#12 Updated by intrigeri 2018-03-28 13:33:58
- blocked by deleted (
Feature #13245: Core work 2018Q1: Foundations Team
#13 Updated by intrigeri 2018-03-29 10:37:53
- Status changed from In Progress to Fix committed
- Target version changed from Tails_3.7 to Tails_3.6.2
- % Done changed from 20 to 100
Done via Bug #15457.
#14 Updated by intrigeri 2018-03-29 10:38:05
- blocked by deleted (
Feature #15139: Core work 2018Q2: Foundations Team
#15 Updated by intrigeri 2018-03-29 10:38:17
- blocks
Feature #13245: Core work 2018Q1: Foundations Team added
#16 Updated by anonym 2018-03-29 13:13:28
- Assignee deleted (
intrigeri)
#17 Updated by anonym 2018-03-30 16:59:59
- Status changed from Fix committed to Resolved