Date: Mon, 15 Apr 2024 09:09:57 +0000 From: =?iso-8859-2?Q?Marek_Anio=B3a?= <man130117@outlook.com> To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: cpu-microcode-intel-20231114 Message-ID: <AM5PR03MB296289896D3D652DA041DDC7A8092@AM5PR03MB2962.eurprd03.prod.outlook.com>
index | next in thread | raw e-mail
As of 13 March 2024. "pkg audit" reports the following vulnerabilities in FreeBSD 13.3-RELEASE-p1: cpu-microcode-intel-20231114 is vulnerable: Intel processors - multiple vulnerabilities CVE: CVE-2023-43490 CVE: CVE-2023-22655 CVE: CVE-2023-28746 CVE: CVE-2023-38575 CVE: CVE-2023-39368 WWW: https://vuxml.FreeBSD.org/freebsd/b6dd9d93-e09b-11ee-92fc-1c697a616631.html Found 1 issue(s) in 1 installed package(s). The website https://www.freshports.org/sysutils/cpu-microcode-intel/ shows that an update to the package appeared the day before (2024-03-12), but the BINARY package providing THE UPDATE IS STILL NOT AVAILABLE! Should this be the case? Or, should I update the microcode in some other way? Marek Aniołahome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AM5PR03MB296289896D3D652DA041DDC7A8092>