Comment 10 for bug 1388889

On Thu, 04 Dec 2014, Dimitri John Ledkov wrote:
> On 3 December 2014 at 11:30, Henrique de Moraes Holschuh
> <email address hidden> wrote:
> > I am the Debian upstream for both packages (intel-microcode and iucode-
> > tool), and upstream author for iucode-tool.
> >
> > Thank you for the kind comments on iucode-tool :-)
> >
> > As for intel-microcode, you guys are dealing with an outdated package
> > version. The new one in Debian addresses the Haswell microcode update
> > issue by switching to enforced early initramfs mode updates...
> >
> > This simplified the packaging a lot, but it also means there were
> > extensive changes to all scripts, so the intel-microcode security
> > analysis likely needs to be redone when you resync with Debian.
> >
> > Also, the intel-microcode package version you're considering can be a
> > hazard when dealing with Intel microcode updates with visible effects at
> > the ISA level, like the Haswell "disable TSX" microcode update. It can
> > result in an unusable system, as your QA team found out, which forced
> > you guys to revert to the previous Intel microcode update data.
> >
> > The newer version of intel-microcode in Debian enforces the safe use of
> > early microcode updates, which allows the use of Intel microcode update
> > data 20140913 and newer. You should consider a resync as soon as
> > pratical.
>
> Right, this was pointed out to me. I'll make sure the updated package
> is merged in properly before proceeding with this.

I just ask that you guys notify me of any issues you find, so that I can fix
them post-haste in Debian as well.

--
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh