Overview

File spectre-meltdown-checker.changes of Package spectre-meltdown-checker.13588

-------------------------------------------------------------------
Wed Dec 11 07:37:50 UTC 2019 - Marcus Meissner <meissner@suse.com>

- version 0.43
  - feat: implement TAA detection (CVE-2019-11135 bsc#1139073)
  - feat: implement MCEPSC / iTLB Multihit detection (CVE-2018-12207 bsc#1117665)
  - feat: taa: add TSX_CTRL MSR detection in hardware info
  - feat: fwdb: use both Intel GitHub repo and MCEdb to build our firmware version database
  - feat: use --live with --kernel/--config/--map to override file detection in live mode
  - enh: rework the vuln logic of MDS with --paranoid (fixes #307)
  - enh: explain that Enhanced IBRS is better for performance than classic IBRS
  - enh: kernel: autodetect customized arch kernels from cmdline
  - enh: kernel decompression: better tolerance against missing tools
  - enh: mock: implement reading from /proc/cmdline
  - fix: variant3a: Silvermont CPUs are not vulnerable to variant 3a
  - fix: lockdown: detect Red Hat locked down kernels (impacts MSR writes)
  - fix: lockdown: detect locked down mode in vanilla 5.4+ kernels
  - fix: sgx: on locked down kernels, fallback to CPUID bit for detection
  - fix: fwdb: builtin version takes precedence if the local cached version is older
  - fix: pteinv: don't check kernel image if not available
  - fix: silence useless error from grep (fixes #322)
  - fix: msr: fix msr module detection under Ubuntu 19.10 (fixes #316)
  - fix: mocking value for read_msr
  - chore: rename mcedb cmdline parameters to fwdb, and change db version scheme
  - chore: fwdb: update to v130.20191104+i20191027
  - chore: add GitHub check workflow
- upstream tarball no longer includes license, use the gpl 3 standalone html for it

-------------------------------------------------------------------
Wed Jun 26 06:54:42 UTC 2019 - Pavol Cupka <palica@liguros.net>

- version 0.42
    * add FreeBSD MDS mitigation detection
    * add mocking functionality to help debugging, dump data to mock the behavior of your CPU with --dump-mock-data
    * AMD, ARM and CAVIUM are not vulnerable to MDS
    * RDCL_NO bit wasn't taking precedence for L1TF check on some newer Intel CPUs
    * The MDS_NO bit on newer Intel CPUs is now recognized and used
    * remove libvirtd from hypervisor detection to avoid false positives (#278)
    * under BSD, the data returned when reading MSR was incorrectly formatted
    * update builtin MCEdb from v110 to v111

-------------------------------------------------------------------
Fri May 24 08:29:21 UTC 2019 - Marcus Meissner <meissner@suse.com>

- noarch does not work on older distros, removed

-------------------------------------------------------------------
Thu May 16 08:01:35 UTC 2019 - Pavol Cupka <palica@liguros.net>

- version 0.41
  * add support for the 4 MDS CVEs
  * add Spectre and Meltdown mitigation detection for Hygon CPU
  * for SSBD, report whether the mitigation is active
  * and other fixes and enhancements

-------------------------------------------------------------------
Wed Mar 27 08:02:00 UTC 2019 - Jan Engelhardt <jengelh@inai.de>

- Use Source URL. Remove services, just run `osc service lr
  download_files` for updating.

-------------------------------------------------------------------
Wed Mar 27 06:50:08 UTC 2019 - Marcus Meissner <meissner@suse.com>

- disable the services, just run "osc service disabledrun" for upadating.

-------------------------------------------------------------------
Sun Oct 14 15:21:50 UTC 2018 - sean@suspend.net

- version 0.40
  * add support for L1TF CVEs (aka Foreshadow and Foreshadow-NG)
  * add summary of vulnerabilities at the end of script execution

-------------------------------------------------------------------
Fri Jul 27 09:18:43 UTC 2018 - jengelh@inai.de

- Compact and wrap description.

-------------------------------------------------------------------
Wed May 30 13:28:57 UTC 2018 - meissner@suse.com

- version 0.37
  * lots of improvements
  * spectre v4 and v3a added

-------------------------------------------------------------------
Mon Jan 15 07:56:12 UTC 2018 - adrian@suse.de

- update to version 0.31
  * meltdown: detecting Xen PV, reporting as not vulnerable
  * is_cpu_vulnerable: add check for old Atoms
  * ibrs: check for spec_ctrl_ibrs in cpuinfo

-------------------------------------------------------------------
Sat Jan 13 16:05:06 UTC 2018 - adrian@suse.de

- update to version 0.29
  * AMD updates

-------------------------------------------------------------------
Fri Jan 12 08:39:58 UTC 2018 - adrian@suse.de

- initial package of version 0.27
openSUSE Build Service is sponsored by
Places