Re: cpu-microcode-intel-20231114
- In reply to: Martin Simmons : "Re: cpu-microcode-intel-20231114"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 15 Apr 2024 14:27:50 UTC
hi
$ cat /usr/local/etc/pkg/repos/FreeBSD.conf
FreeBSD: {
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
mirror_type: "srv",
enabled: yes
}
$ pkg search cpu-microcode-intel
cpu-microcode-intel-20240312 Intel CPU microcode updates
April 15, 2024 4:19 PM, "Marek Anioła" <man130117@outlook.com> wrote:
> No, it only shows the old version:
>
> ~ # pkg search cpu-microcode-intel
> cpu-microcode-intel-20231114 Intel CPU microcode updates
> ~ #
>
> The latest version (20240312) is not available.
>
> From: Martin Simmons <martin@lispworks.com>
> Sent: Monday, April 15, 2024 15:56
> To: Marek Anioła <man130117@outlook.com>
> Cc: freebsd-security@freebsd.org <freebsd-security@freebsd.org>
> Subject: Re: cpu-microcode-intel-20231114
>
>> On Mon, 15 Apr 2024 09:09:57 +0000, =?iso-8859-2?Q?Marek Anio=B3a?= said:
>>
>> As of 13 March 2024. "pkg audit" reports the following vulnerabilities in FreeBSD 13.3-RELEASE-p1:
>>
>> cpu-microcode-intel-20231114 is vulnerable:
>> Intel processors - multiple vulnerabilities
>> CVE: CVE-2023-43490
>> CVE: CVE-2023-22655
>> CVE: CVE-2023-28746
>> CVE: CVE-2023-38575
>> CVE: CVE-2023-39368
>> WWW: https://vuxml.FreeBSD.org/freebsd/b6dd9d93-e09b-11ee-92fc-1c697a616631.html
>>
>> Found 1 issue(s) in 1 installed package(s).
>>
>> The website https://www.freshports.org/sysutils/cpu-microcode-intel shows that an update to the
>> package appeared the day before (2024-03-12), but the BINARY package providing THE UPDATE IS STILL
>> NOT AVAILABLE!
>>
>> Should this be the case?
>> Or, should I update the microcode in some other way?
>
> pkg search cpu-microcode-intel says the latest version is called
> cpu-microcode-intel-20240312. I don't know why these packages have dates in
> their names so they don't upgrade automatically.