package/intel-microcode: security bump to version 20201118

Fixes the following security issues:

- CVE-2020-8694: Insufficient access control in the Linux kernel driver for
  some Intel(R) Processors may allow an authenticated user to potentially
  enable information disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html

- CVE-2020-8695: Observable discrepancy in the RAPL interface for some
  Intel(R) Processors may allow a privileged user to potentially enable
  information disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html

- CVE-2020-8698: Improper removal of sensitive information before storage or
  transfer in some Intel(R) Processors may allow an authenticated user to
  potentially enable information disclosure via local access.

  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

diff --git a/package/intel-microcode/intel-microcode.hash b/package/intel-microcode/intel-microcode.hash
index e8005bcff6c16335ba263ff498f5c1019e4809db..289428b4b37806a58cd2f173ea30bcc3e1979d86 100644 (file)
--- a/package/intel-microcode/intel-microcode.hash
+++ b/package/intel-microcode/intel-microcode.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256  eb4f939421ac6cdea3c586c9d984ec518320f00c07eb2b3d6754309c83c93371  intel-microcode-20200616.tar.gz
+sha256  e42a264b7b86e80d013d6d00062467352c1f37e0aaea10fe5b51e4d8687921ab  intel-microcode-20201118.tar.gz
 sha256  d9e989e1a7747f3ce93cb749aceca67a430d36c9bebc6e3205e0b3af3ca6304b  license

diff --git a/package/intel-microcode/intel-microcode.mk b/package/intel-microcode/intel-microcode.mk
index 043367770bca648b482c77f23247f716c7d1e6f5..5a13ca2cbe19071f9f264860d60ec789e05d125d 100644 (file)
--- a/package/intel-microcode/intel-microcode.mk
+++ b/package/intel-microcode/intel-microcode.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-INTEL_MICROCODE_VERSION = 20200616
+INTEL_MICROCODE_VERSION = 20201118
 INTEL_MICROCODE_SITE = $(call github,intel,Intel-Linux-Processor-Microcode-Data-Files,microcode-$(INTEL_MICROCODE_VERSION))
 INTEL_MICROCODE_LICENSE = PROPRIETARY
 INTEL_MICROCODE_LICENSE_FILES = license