amd64-microcode (3.20240820.1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/hmh/amd64-microcode.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: main
Path: debian/changelog
Repo size: 962560
Browser: https://salsa.debian.org/hmh/amd64-microcode
Last scan: 2025-03-23 04:53:09+00
Next scan: 2025-03-28 19:39:00+00
Merge requests: 2

Debian changelog in Git:

amd64-microcode (3.20240820.1) unstable; urgency=high

  * Update package data from linux-firmware 20240820
    * New AMD-SEV firmware from AMD upstream (20240820)
      + Updated SEV firmware:
        Family 17h models 30h-3fh: version 0.24 build 20
        Family 19h models 00h-0fh: version 1.55 build 21
        Family 19h models 10h-1fh: version 1.55 build 37
      + New SEV firmware:
        Family 19h models a0h-afh: version 1.55 build 37
  * SECURITY UPDATE (AMD-SB-3003):
    * Mitigates CVE-2023-20584: IOMMU improperly handles certain special
      address ranges with invalid device table entries (DTEs), which may allow
      an attacker with privileges and a compromised Hypervisor to induce DTE
      faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of
      guest integrity.
    * Mitigates CVE-2023-31356: Incomplete system memory cleanup in SEV
      firmware could allow a privileged attacker to corrupt guest private
      memory, potentially resulting in a loss of data integrity.

 -- Henrique de Moraes Holschuh <hmh@debian.org>  Wed, 21 Aug 2024 21:31:07 -0300

This branch is even with tag debian/3.20240820.1