Changelog for
spectre-meltdown-checker-0.43-3.3.1.x86_64.rpm :
* Wed Dec 11 2019 meissnerAATTsuse.com- version 0.43 - feat: implement TAA detection (CVE-2019-11135 bsc#1139073) - feat: implement MCEPSC / iTLB Multihit detection (CVE-2018-12207 bsc#1117665) - feat: taa: add TSX_CTRL MSR detection in hardware info - feat: fwdb: use both Intel GitHub repo and MCEdb to build our firmware version database - feat: use --live with --kernel/--config/--map to override file detection in live mode - enh: rework the vuln logic of MDS with --paranoid (fixes #307) - enh: explain that Enhanced IBRS is better for performance than classic IBRS - enh: kernel: autodetect customized arch kernels from cmdline - enh: kernel decompression: better tolerance against missing tools - enh: mock: implement reading from /proc/cmdline - fix: variant3a: Silvermont CPUs are not vulnerable to variant 3a - fix: lockdown: detect Red Hat locked down kernels (impacts MSR writes) - fix: lockdown: detect locked down mode in vanilla 5.4+ kernels - fix: sgx: on locked down kernels, fallback to CPUID bit for detection - fix: fwdb: builtin version takes precedence if the local cached version is older - fix: pteinv: don\'t check kernel image if not available - fix: silence useless error from grep (fixes #322) - fix: msr: fix msr module detection under Ubuntu 19.10 (fixes #316) - fix: mocking value for read_msr - chore: rename mcedb cmdline parameters to fwdb, and change db version scheme - chore: fwdb: update to v130.20191104+i20191027 - chore: add GitHub check workflow- upstream tarball no longer includes license, use the gpl 3 standalone html for it
* Wed Jun 26 2019 palicaAATTliguros.net- version 0.42
* add FreeBSD MDS mitigation detection
* add mocking functionality to help debugging, dump data to mock the behavior of your CPU with --dump-mock-data
* AMD, ARM and CAVIUM are not vulnerable to MDS
* RDCL_NO bit wasn\'t taking precedence for L1TF check on some newer Intel CPUs
* The MDS_NO bit on newer Intel CPUs is now recognized and used
* remove libvirtd from hypervisor detection to avoid false positives (#278)
* under BSD, the data returned when reading MSR was incorrectly formatted
* update builtin MCEdb from v110 to v111
* Fri May 24 2019 meissnerAATTsuse.com- noarch does not work on older distros, removed
* Thu May 16 2019 palicaAATTliguros.net- version 0.41
* add support for the 4 MDS CVEs
* add Spectre and Meltdown mitigation detection for Hygon CPU
* for SSBD, report whether the mitigation is active
* and other fixes and enhancements
* Wed Mar 27 2019 jengelhAATTinai.de- Use Source URL. Remove services, just run `osc service lr download_files` for updating.
* Wed Mar 27 2019 meissnerAATTsuse.com- disable the services, just run \"osc service disabledrun\" for upadating.
* Sun Oct 14 2018 seanAATTsuspend.net- version 0.40
* add support for L1TF CVEs (aka Foreshadow and Foreshadow-NG)
* add summary of vulnerabilities at the end of script execution
* Fri Jul 27 2018 jengelhAATTinai.de- Compact and wrap description.
* Wed May 30 2018 meissnerAATTsuse.com- version 0.37
* lots of improvements
* spectre v4 and v3a added
* Mon Jan 15 2018 adrianAATTsuse.de- update to version 0.31
* meltdown: detecting Xen PV, reporting as not vulnerable
* is_cpu_vulnerable: add check for old Atoms
* ibrs: check for spec_ctrl_ibrs in cpuinfo
* Sat Jan 13 2018 adrianAATTsuse.de- update to version 0.29
* AMD updates
* Fri Jan 12 2018 adrianAATTsuse.de- initial package of version 0.27