[cyber] I: p11/branch packages: +2! +4 (19923)
QA Team Robot
qa на altlinux.org
Чт Ноя 27 03:18:37 MSK 2025
2 ADDED packages
apt-gpgkeys-pki - APT PKI for external GnuPG keys
* Tue Nov 25 2025 Evgeny Sinelnikov <sin на altlinux> 0.2-alt1
- Fix apt-gpgkeys utility (closes: 57005).
- Fix filetrigger execution access (closes: 57006).
* Fri Oct 10 2025 Evgeny Sinelnikov <sin на altlinux> 0.1-alt1
- Initial APT PKI for external GnuPG keys.
qwen-code - AI-powered command-line workflow tool for developers [56M]
* Wed Nov 19 2025 Alexander Makeenkov <amakeenk на altlinux> 0.2.2-alt1
- Updated to version 0.2.2.
* Fri Nov 14 2025 Alexander Makeenkov <amakeenk на altlinux> 0.2.1-alt1
- Updated to version 0.2.1.
* Fri Nov 07 2025 Alexander Makeenkov <amakeenk на altlinux> 0.2.0-alt1
- Updated to version 0.2.0.
* Thu Nov 06 2025 Alexander Makeenkov <amakeenk на altlinux> 0.1.4-alt1
4 UPDATED packages
firmware-intel-ucode - Microcode definitions for Intel processors [13M]
* Thu Nov 13 2025 L.A. Kostis <lakostis на altlinux> 2:33-alt1.20251111
- New upstream microcode datafile 20251111:
+ Update functional issues for Gen12th/13th/14th Core Processors
+ Update functional issues for 4th/5th Xeon Processors
+ Update functional issues for Core Ultra (Series 2)/Ultra 200 V Processors
+ Update functional issues for Core i3 N-Series Processors
+ Update functional issues for Xeon 6500/6700/6900 Processors
+ Update functional issues for Xeon 6700P-B/6500P-B Series SoC with P-Cores
+ Updated microcodes:
sig 0x000806f4, pf_mask 0x87, rev 0x2b000650
sig 0x000806f4, pf_mask 0x10, rev 0x2c000410
sig 0x000806f5, pf_mask 0x87, rev 0x2b000650
sig 0x000806f5, pf_mask 0x10, rev 0x2c000410
sig 0x000806f6, pf_mask 0x87, rev 0x2b000650
sig 0x000806f6, pf_mask 0x10, rev 0x2c000410
sig 0x000806f7, pf_mask 0x87, rev 0x2b000650
sig 0x000806f8, pf_mask 0x87, rev 0x2b000650
sig 0x000806f8, pf_mask 0x10, rev 0x2c000410
sig 0x00090672, pf_mask 0x07, rev 0x003d
sig 0x00090675, pf_mask 0x07, rev 0x003d
sig 0x000906a3, pf_mask 0x80, rev 0x043a
sig 0x000906a4, pf_mask 0x80, rev 0x043a
sig 0x000906a4, pf_mask 0x40, rev 0x000b
sig 0x000a06d1, pf_mask 0x95, rev 0x10003f0
sig 0x000a06d1, pf_mask 0x20, rev 0xa000124
sig 0x000a06f3, pf_mask 0x01, rev 0x3000382
sig 0x000b0650, pf_mask 0x80, rev 0x000a
sig 0x000b0671, pf_mask 0x32, rev 0x0132
sig 0x000b0674, pf_mask 0x32, rev 0x0132
sig 0x000b06a2, pf_mask 0xe0, rev 0x6133
sig 0x000b06a3, pf_mask 0xe0, rev 0x6133
sig 0x000b06a8, pf_mask 0xe0, rev 0x6133
sig 0x000b06d1, pf_mask 0x80, rev 0x0125
sig 0x000b06e0, pf_mask 0x19, rev 0x001e
sig 0x000b06f2, pf_mask 0x07, rev 0x003d
sig 0x000b06f5, pf_mask 0x07, rev 0x003d
sig 0x000b06f6, pf_mask 0x07, rev 0x003d
sig 0x000b06f7, pf_mask 0x07, rev 0x003d
sig 0x000c0652, pf_mask 0x82, rev 0x011a
sig 0x000c0662, pf_mask 0x82, rev 0x011a
sig 0x000c0664, pf_mask 0x82, rev 0x011a
sig 0x000c06a2, pf_mask 0x82, rev 0x011a
sig 0x000c06f1, pf_mask 0x87, rev 0x210002c0
sig 0x000c06f2, pf_mask 0x87, rev 0x210002c0
+ New microcode:
sig 0x000a06e1, pf_mask 0x97, rev 0x1000273
* Tue Aug 12 2025 L.A. Kostis <lakostis на altlinux> 2:32-alt1.20250812
- New upstream microcode datafile 20250812:
+ Mitigations for (INTEL-SA-01249):
CVE-2025-20109: Improper Isolation or Compartmentalization in the stream
cache mechanism for some Intel Processors may allow an authenticated user
to potentially enable escalation of privilege via local access.
+ Mitigations for (INTEL-SA-01308):
CVE-2025-22840: Sequence of processor instructions leads to unexpected
behavior for some Intel Xeon 6 Scalable processors may allow an
authenticated user to potentially enable escalation of privilege via local
access
+ Mitigations for (INTEL-SA-01310):
CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM
for some Intel Xeon 6 Scalable processors may allow a privileged user to
potentially enable escalation of privilege via adjacent access.
+ Mitigations for (INTEL-SA-01311):
CVE-2025-22889: Improper handling of overlap between protected memory
ranges for some Intel Xeon 6 processor with Intel TDX may allow a
privileged user to potentially enable escalation of privilege via local
access.
+ Mitigations for (INTEL-SA-01313):
CVE-2025-20053: Improper buffer restrictions for some Intel Xeon
Processor firmware with SGX enabled may allow a privileged user to
potentially enable escalation of privilege via local access.
CVE-2025-24305: Insufficient control flow management in the Alias Checking
Trusted Module (ACTM) firmware for some Intel Xeon processors may allow a
privileged user to potentially enable escalation of privilege via local
access.
CVE-2025-21090: Missing reference to active allocated resource for some
Intel Xeon processors may allow an authenticated user to potentially
enable denial of service via local access.
+ Mitigations for (INTEL-SA-01367):
CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel
Xeon 6 processors when using Intel SGX or Intel TDX may allow a
privileged user to potentially enable escalation of privilege via local
access.
CVE-2025-32086: Improperly implemented security check for standard in the DDRIO
configuration for some Intel Xeon 6 Processors when using Intel SGX or
Intel TDX may allow a privileged user to potentially enable escalation of
privilege via local access.
+ Fixes for functional issues on several processor models.
+ Updated microcodes:
sig 0x000606a6, pf_mask 0x87, 2025-03-11, rev 0xd000410, size 309248
sig 0x000606c1, pf_mask 0x10, 2025-03-06, rev 0x10002e0, size 301056
sig 0x000806f4, pf_mask 0x10, 2025-04-08, rev 0x2c000401, size 625664
sig 0x000806f4, pf_mask 0x87, 2025-04-04, rev 0x2b000643, size 592896
sig 0x000806f5, pf_mask 0x10, 2025-04-08, rev 0x2c000401, size 625664
sig 0x000806f5, pf_mask 0x87, 2025-04-04, rev 0x2b000643, size 592896
sig 0x000806f6, pf_mask 0x10, 2025-04-08, rev 0x2c000401, size 625664
sig 0x000806f6, pf_mask 0x87, 2025-04-04, rev 0x2b000643, size 592896
sig 0x000806f7, pf_mask 0x87, 2025-04-04, rev 0x2b000643, size 592896
sig 0x000806f8, pf_mask 0x10, 2025-04-08, rev 0x2c000401, size 625664
sig 0x000806f8, pf_mask 0x87, 2025-04-04, rev 0x2b000643, size 592896
sig 0x000a06d1, pf_mask 0x20, 2025-05-15, rev 0xa000100, size 1638400
sig 0x000a06d1, pf_mask 0x95, 2025-05-15, rev 0x10003d0, size 1667072
sig 0x000a06f3, pf_mask 0x01, 2025-05-03, rev 0x3000362, size 1530880
sig 0x000b06a2, pf_mask 0xe0, 2025-02-24, rev 0x4129, size 224256
sig 0x000b06a3, pf_mask 0xe0, 2025-02-24, rev 0x4129, size 224256
sig 0x000b06a8, pf_mask 0xe0, 2025-02-24, rev 0x4129, size 224256
sig 0x000b06d1, pf_mask 0x80, 2025-05-21, rev 0x0123, size 80896
sig 0x000c0652, pf_mask 0x82, 2025-05-14, rev 0x0119, size 90112
sig 0x000c0662, pf_mask 0x82, 2025-05-14, rev 0x0119, size 90112
sig 0x000c0664, pf_mask 0x82, 2025-05-14, rev 0x0119, size 90112
sig 0x000c06a2, pf_mask 0x82, 2025-05-14, rev 0x0119, size 90112
* Sat May 17 2025 L.A. Kostis <lakostis на altlinux> 2:31-alt1.20250512
- Implement rudimental ucode blacklisting from debian
- Synced with debian/3.20250512.1:
+ New upstream microcode datafile 20250512:
- Mitigations for INTEL-SA-01153 (ITS: Indirect Target Selection):
CVE-2024-28956: Processor may incompletely mitigate Branch Target
Injection due to indirect branch predictions that are not fully
constrained by eIBRS nor by the IBPB barrier. Part of the "Training
Solo" set of vulnerabilities.
- Mitigations for INTEL-SA-01244:
CVE-2025-20103: Insufficient resource pool in the core management
mechanism for some Intel Processors may allow an authenticated user
to potentially enable denial of service via local access.
CVE-2025-20054: Uncaught exception in the core management mechanism
for some Intel Processors may allow an authenticated user to
potentially enable denial of service via local access.
- Mitigations for INTEL-SA-01247:
CVE-2024-43420, CVE-2025-20623: Exposure of sensitive information
caused by shared microarchitectural predictor state that influences
transient execution for some Intel Atom and some Intel Core
processors (10th Generation) may allow an authenticated user to
potentially enable information disclosure via local access.
CVE-2024-45332 (Branch Privilege Injection): Exposure of sensitive
information caused by shared microarchitectural predictor state that
influences transient execution in the indirect branch predictors for
some Intel Processors may allow an authenticated user to potentially
enable information disclosure via local access.
- Mitigations for INTEL-SA-01322:
CVE-2025-24495 (Training Solo): Incorrect initialization of resource
in the branch prediction unit for some Intel Core Ultra Processors
may allow an authenticated user to potentially enable information
disclosure via local access (IBPB bypass)
CVE-2025-20012 (Training Solo): Incorrect behavior order for some
Intel Core Ultra Processors may allow an unauthenticated user to
potentially enable information disclosure via physical access.
- Improved fix for the Vmin Shift Instability for the Intel Core 13th
and 14th gen processors under low-activity scenarios (sig 0xb0671).
This microcode update is supposed to be delivered as a system
firmware update, but according to Intel it should be effective when
loaded by the operating system if the system firmware has revision
0x12e.
- Fixes for unspecified functional issues on several processor models
+ New microcodes or new extended signatures:
sig 0x000a06d1, pf_mask 0x95, 2025-02-07, rev 0x10003a2, size 1664000
sig 0x000a06d1, pf_mask 0x20, 2025-02-07, rev 0xa0000d1, size 1635328
sig 0x000b0650, pf_mask 0x80, 2025-03-18, rev 0x000a, size 136192
sig 0x000b06d1, pf_mask 0x80, 2025-03-18, rev 0x011f, size 79872
sig 0x000c0662, pf_mask 0x82, 2025-03-20, rev 0x0118, size 90112
sig 0x000c06a2, pf_mask 0x82, 2025-03-20, rev 0x0118
sig 0x000c0652, pf_mask 0x82, 2025-03-20, rev 0x0118
sig 0x000c0664, pf_mask 0x82, 2025-03-20, rev 0x0118
+ Updated microcodes:
sig 0x00050657, pf_mask 0xbf, 2024-12-12, rev 0x5003901, size 39936
sig 0x0005065b, pf_mask 0xbf, 2024-12-12, rev 0x7002b01, size 30720
sig 0x000606a6, pf_mask 0x87, 2025-01-07, rev 0xd000404, size 309248
sig 0x000606c1, pf_mask 0x10, 2025-01-07, rev 0x10002d0, size 300032
sig 0x000706a8, pf_mask 0x01, 2024-12-05, rev 0x0026, size 76800
sig 0x000706e5, pf_mask 0x80, 2025-01-07, rev 0x00ca, size 115712
sig 0x000806c1, pf_mask 0x80, 2024-12-01, rev 0x00bc, size 112640
sig 0x000806c2, pf_mask 0xc2, 2024-12-01, rev 0x003c, size 99328
sig 0x000806d1, pf_mask 0xc2, 2024-12-11, rev 0x0056, size 105472
sig 0x000806ec, pf_mask 0x94, 2024-11-17, rev 0x0100, size 106496
sig 0x000806f8, pf_mask 0x87, 2025-01-28, rev 0x2b000639, size 591872
sig 0x000806f7, pf_mask 0x87, 2025-01-28, rev 0x2b000639
sig 0x000806f6, pf_mask 0x87, 2025-01-28, rev 0x2b000639
sig 0x000806f5, pf_mask 0x87, 2025-01-28, rev 0x2b000639
sig 0x000806f4, pf_mask 0x87, 2025-01-28, rev 0x2b000639
sig 0x000806f8, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7, size 624640
sig 0x000806f6, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7
sig 0x000806f5, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7
sig 0x000806f4, pf_mask 0x10, 2025-01-28, rev 0x2c0003f7
sig 0x00090672, pf_mask 0x07, 2024-12-12, rev 0x003a, size 226304
sig 0x00090675, pf_mask 0x07, 2024-12-12, rev 0x003a
sig 0x000b06f2, pf_mask 0x07, 2024-12-12, rev 0x003a
sig 0x000b06f5, pf_mask 0x07, 2024-12-12, rev 0x003a
sig 0x000b06f6, pf_mask 0x07, 2024-12-12, rev 0x003a
sig 0x000b06f7, pf_mask 0x07, 2024-12-12, rev 0x003a
sig 0x000906a3, pf_mask 0x80, 2024-12-12, rev 0x0437, size 224256
sig 0x000906a4, pf_mask 0x80, 2024-12-12, rev 0x0437
sig 0x000906a4, pf_mask 0x40, 2024-12-06, rev 0x000a, size 119808
sig 0x000906ed, pf_mask 0x22, 2024-11-14, rev 0x0104, size 106496
sig 0x000a0652, pf_mask 0x20, 2024-11-14, rev 0x0100, size 97280
sig 0x000a0653, pf_mask 0x22, 2024-11-14, rev 0x0100, size 98304
sig 0x000a0655, pf_mask 0x22, 2024-11-14, rev 0x0100, size 97280
sig 0x000a0660, pf_mask 0x80, 2024-11-14, rev 0x0102, size 98304
sig 0x000a0661, pf_mask 0x80, 2024-11-14, rev 0x0100, size 97280
sig 0x000a0671, pf_mask 0x02, 2024-12-01, rev 0x0064, size 108544
sig 0x000a06a4, pf_mask 0xe6, 2025-02-13, rev 0x0024, size 140288
sig 0x000a06f3, pf_mask 0x01, 2025-02-10, rev 0x3000341, size 1542144
sig 0x000b0671, pf_mask 0x32, 2025-03-17, rev 0x012f, size 219136
sig 0x000b0674, pf_mask 0x32, 2025-03-17, rev 0x012f
sig 0x000b06a2, pf_mask 0xe0, 2025-01-15, rev 0x4128, size 224256
sig 0x000b06a3, pf_mask 0xe0, 2025-01-15, rev 0x4128
sig 0x000b06a8, pf_mask 0xe0, 2025-01-15, rev 0x4128
sig 0x000b06e0, pf_mask 0x19, 2024-12-06, rev 0x001d, size 139264
sig 0x000c06f2, pf_mask 0x87, 2025-03-14, rev 0x210002a9, size 563200
sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9
+ Removed microcodes (ES/QS steppings):
sig 0x00050656, pf_mask 0xbf, 2023-07-28, rev 0x4003605, size 38912
sig 0x000c06f1, pf_mask 0x87, 2025-03-14, rev 0x210002a9 [EXCLUDED]
+ Makefile: exclude QS/ES steppings 0x50656, 0xc06f1.
* Wed Mar 19 2025 L.A. Kostis <lakostis на altlinux> 2:30-alt1.20250211
- Synced with debian/3.20250211.1:
+ New upstream microcode datafile 20250211:
- Mitigations for INTEL-SA-01166 (CVE-2024-31068)
Improper Finite State Machines (FSMs) in Hardware Logic for some Intel
Processors may allow privileged user to potentially enable denial of
service via local access.
- Mitigations for INTEL-SA-01213 (CVE-2024-36293)
Improper access control in the EDECCSSA user leaf function for some
Intel Processors with Intel SGX may allow an authenticated user to
potentially enable denial of service via local access. Intel disclosed
that some 9th Generation Intel Core processor models were already fixed
by a previous microcode update.
- Mitigations for INTEL-SA-01139 (CVE-2023-43758, CVE-2023-34440,
CVE-2024-24582, CVE-2024-29214, CVE-2024-28127, CVE-2024-39279,
CVE-2024-31157, CVE-2024-28047)
Improper input validation, insufficient granularity of access control,
and improper initialization issues in UEFI firmware for some Intel
processors may allow escalation of privilege, denial of service, or
information disclosure. An UEFI firmware update is needed for complete
mitigation.
- Mitigations for INTEL-SA-01228 (CVE-2024-39355)
Improper handling of physical or environmental conditions in some 13th
and 14th Generation Intel Core Processors may allow an authenticated
user to enable denial of service via local access. An UEFI firmware
update may be required for complete mitigation.
- Mitigations for INTEL-SA-01194 (CVE-2024-37020)
Sequence of processor instructions leads to unexpected behavior in the
Intel DSA V1.0 for some Intel Xeon Processors may allow an authenticated
user to potentially enable denial of service via local access.
- Fixes for unspecified functional issues on several processor models
+ New microcodes or new extended signatures:
sig 0x000a06f3, pf_mask 0x01, 2024-11-22, rev 0x3000330, size 1533952
sig 0x000b06f6, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x000b06f7, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x000b0674, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
+ Updated microcodes:
sig 0x000606a6, pf_mask 0x87, 2024-08-02, rev 0xd0003f5, size 308224
sig 0x000606c1, pf_mask 0x10, 2024-08-08, rev 0x10002c0, size 300032
sig 0x000806f8, pf_mask 0x87, 2024-07-30, rev 0x2b000620, size 589824
sig 0x000806f7, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f6, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f5, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f4, pf_mask 0x87, 2024-07-30, rev 0x2b000620
sig 0x000806f8, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0, size 622592
sig 0x000806f6, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x000806f5, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x000806f4, pf_mask 0x10, 2024-07-30, rev 0x2c0003e0
sig 0x00090672, pf_mask 0x07, 2024-08-01, rev 0x0038, size 225280
sig 0x00090675, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000b06f2, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000b06f5, pf_mask 0x07, 2024-08-01, rev 0x0038
sig 0x000906a3, pf_mask 0x80, 2024-08-01, rev 0x0436, size 223232
sig 0x000906a4, pf_mask 0x80, 2024-08-01, rev 0x0436
sig 0x000906a4, pf_mask 0x40, 2024-07-29, rev 0x0009, size 119808
sig 0x000906ea, pf_mask 0x22, 2024-07-28, rev 0x00fa, size 105472
sig 0x000906ed, pf_mask 0x22, 2024-07-31, rev 0x0102, size 106496
sig 0x000a0671, pf_mask 0x02, 2024-08-01, rev 0x0063, size 108544
sig 0x000b0671, pf_mask 0x32, 2024-09-25, rev 0x012c, size 211968
sig 0x000b06a2, pf_mask 0xe0, 2024-07-31, rev 0x4124, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-07-31, rev 0x4124
sig 0x000b06a8, pf_mask 0xe0, 2024-07-31, rev 0x4124
sig 0x000b06e0, pf_mask 0x19, 2024-09-06, rev 0x001c, size 138240
sig 0x000c06f2, pf_mask 0x87, 2024-07-30, rev 0x21000291, size 560128
sig 0x000c06f1, pf_mask 0x87, 2024-07-30, rev 0x21000291
+ source: update symlinks to reflect id of the latest release, 20250211
+ Update changelog for 3.20240813.1 with new information
* Thu Dec 05 2024 L.A. Kostis <lakostis на altlinux> 2:29-alt1.20241112
- Synced with debian/3.20241112.1 (original changelog below):
+ New upstream microcode datafile 20241112
- Mitigations for INTEL-SA-01101 (CVE-2024-21853)
Improper Finite State Machines (FSMs) in the Hardware logic in some
4th and 5th Generation Intel Xeon Processors may allow an authorized
user to potentially enable denial of service via local access.
- Mitigations for INTEL-SA-01079 (CVE-2024-23918)
Potential security vulnerabilities in some Intel Xeon processors
using Intel SGX may allow escalation of privilege. Intel disclosed
that some processor models were already fixed by a previous
microcode update.
- Updated mitigations for INTEL-SA-01097 (CVE-2024-24968)
Improper finite state machines (FSMs) in hardware logic in some
Intel Processors may allow an privileged user to potentially enable a
denial of service via local access.
- Mitigations for INTEL-SA-01103 (CVE-2024-23984)
A potential security vulnerability in the Running Average Power Limit
(RAPL) interface for some Intel Processors may allow information
disclosure. Added mitigations for more processor models.
+ Updated Microcodes:
sig 0x000806f8, pf_mask 0x87, 2024-06-20, rev 0x2b000603, size 588800
sig 0x000806f7, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f6, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f5, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x000806f4, pf_mask 0x87, 2024-06-20, rev 0x2b000603
sig 0x00090672, pf_mask 0x07, 2024-05-29, rev 0x0037, size 224256
sig 0x00090675, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000b06f2, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000b06f5, pf_mask 0x07, 2024-05-29, rev 0x0037
sig 0x000906a3, pf_mask 0x80, 2024-06-03, rev 0x0435, size 223232
sig 0x000906a4, pf_mask 0x80, 2024-06-03, rev 0x0435
sig 0x000a06a4, pf_mask 0xe6, 2024-08-02, rev 0x0020, size 138240
sig 0x000b06a2, pf_mask 0xe0, 2024-05-29, rev 0x4123, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-05-29, rev 0x4123
sig 0x000b06a8, pf_mask 0xe0, 2024-05-29, rev 0x4123
sig 0x000c06f2, pf_mask 0x87, 2024-06-20, rev 0x21000283, size 560128
sig 0x000c06f1, pf_mask 0x87, 2024-06-20, rev 0x21000283
* Tue Oct 08 2024 L.A. Kostis <lakostis на altlinux> 2:28-alt1.20240910
- Synced with debian/3.20240910.1 (original changelog below):
+ New upstream microcode datafile 20240910
- Mitigations for INTEL-SA-01103 (CVE-2024-23984)
A potential security vulnerability in the Running Average Power Limit
(RAPL) interface for some Intel Processors may allow information
disclosure.
- Mitigations for INTEL-SA-01097 (CVE-2024-24968)
A potential security vulnerability in some Intel Processors may allow
denial of service.
- Fixes for unspecified functional issues on several processor models
- The processor voltage limit issue on Core 13rd/14th gen REQUIRES A
FIRMWARE UPDATE. It is present in this release for sig 0xb0671, but
THE VOLTAGE ISSUE FIX ONLY WORKS WHEN THE MICROCODE UPDATE IS LOADED
THROUGH THE FIT TABLE IN FIRMWARE. Contact your system vendor for a
firmware update that includes the appropriate microcode update for
your processor.
+ Updated Microcodes:
sig 0x00090672, pf_mask 0x07, 2024-02-22, rev 0x0036, size 224256
sig 0x00090675, pf_mask 0x07, 2024-02-22, rev 0x0036
sig 0x000b06f2, pf_mask 0x07, 2024-02-22, rev 0x0036
sig 0x000b06f5, pf_mask 0x07, 2024-02-22, rev 0x0036
sig 0x000906a3, pf_mask 0x80, 2024-02-22, rev 0x0434, size 222208
sig 0x000906a4, pf_mask 0x80, 2024-02-22, rev 0x0434
sig 0x000a06a4, pf_mask 0xe6, 2024-06-17, rev 0x001f, size 137216
sig 0x000b0671, pf_mask 0x32, 2024-07-18, rev 0x0129, size 215040
sig 0x000b06a2, pf_mask 0xe0, 2024-02-22, rev 0x4122, size 220160
sig 0x000b06a3, pf_mask 0xe0, 2024-02-22, rev 0x4122
sig 0x000b06a8, pf_mask 0xe0, 2024-02-22, rev 0x4122
sig 0x000b06e0, pf_mask 0x19, 2024-03-25, rev 0x001a, size 138240
* Tue Aug 27 2024 L.A. Kostis <lakostis на altlinux> 2:27-alt1.20240813
mkimage-profiles - ALT based distribution metaprofile
* Wed Nov 26 2025 Anton Midyukov <antohami на altlinux> 1.8.8-alt1
- initrd-bootchain: 'add' instead 'set' MAIN_PACKAGES
- grub: add variable GRUB_GFXMODE (thanks fiersik@)
- firmware, x11: add firmware-nouveau (Closes: 56994)
- e2k: fix 20-initrd-e2k-kms on v6 (thanks mike@)
* Wed Nov 19 2025 Anton Midyukov <antohami на altlinux> 1.8.7-alt1
ollama - Get up and running with large language models [23M]
* Sat Nov 15 2025 Vitaly Chikunov <vt на altlinux> 0.12.11-alt1
- Update to v0.12.11 (2025-11-13).
* Sun Nov 09 2025 Vitaly Chikunov <vt на altlinux> 0.12.10-alt1
- Update to v0.12.10 (2025-11-05).
- Enable Vulkan GPU runner (ollama-vulkan).
* Sun Nov 02 2025 Vitaly Chikunov <vt на altlinux> 0.12.9-alt1
- Update to v0.12.9 (2025-10-31).
* Sun Oct 26 2025 Vitaly Chikunov <vt на altlinux> 0.12.3-alt1
- Update to v0.12.3 (2025-09-25).
* Mon Sep 15 2025 Vitaly Chikunov <vt на altlinux> 0.11.11-alt1
- Update to v0.11.11 (2025-09-12).
* Sat Sep 06 2025 Vitaly Chikunov <vt на altlinux> 0.11.10-alt1
- Update to v0.11.10 (2025-09-04).
* Sat Aug 30 2025 Vitaly Chikunov <vt на altlinux> 0.11.8-alt1
- Update to v0.11.8 (2025-08-28).
* Tue Aug 26 2025 Vitaly Chikunov <vt на altlinux> 0.11.7-alt1
- Update to v0.11.7 (2025-08-22).
* Thu Aug 21 2025 Vitaly Chikunov <vt на altlinux> 0.11.6-alt1
- Update to v0.11.6 (2025-08-19) with gpt-oss and flash attention fixes.
* Fri Aug 08 2025 Vitaly Chikunov <vt на altlinux> 0.11.4-alt1
thunderbird - Thunderbird is Mozilla's e-mail client [776M]
* Mon Nov 17 2025 Ajrat Makhmutov <rauty на altlinux> 145.0-alt1
- New version.
- Fixes:
+ CVE-2025-13021: Incorrect boundary conditions in the Graphics: WebGPU component
+ CVE-2025-13022: Incorrect boundary conditions in the Graphics: WebGPU component
+ CVE-2025-13012: Race condition in the Graphics component
+ CVE-2025-13023: Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component
+ CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component
+ CVE-2025-13024: JIT miscompilation in the JavaScript Engine: JIT component
+ CVE-2025-13025: Incorrect boundary conditions in the Graphics: WebGPU component
+ CVE-2025-13026: Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component
+ CVE-2025-13017: Same-origin policy bypass in the DOM: Notifications component
+ CVE-2025-13018: Mitigation bypass in the DOM: Security component
+ CVE-2025-13019: Same-origin policy bypass in the DOM: Workers component
+ CVE-2025-13013: Mitigation bypass in the DOM: Core & HTML component
+ CVE-2025-13020: Use-after-free in the WebRTC: Audio/Video component
+ CVE-2025-13014: Use-after-free in the Audio/Video component
+ CVE-2025-13015: Spoofing issue in Thunderbird
+ CVE-2025-13027: Memory safety bugs fixed in Firefox 145 and Thunderbird 145
* Fri Oct 17 2025 Ajrat Makhmutov <rauty на altlinux> 144.0.1-alt1
Total 19923 source packages.
Подробная информация о списке рассылки Sisyphus-cybertalk