Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 1e963fe8bdf4eb368b66717bafd640c7f17528d6^! / . / WORKSPACE
commit1e963fe8bdf4eb368b66717bafd640c7f17528d6[log] [tgz]
authorLorenz Brun <lorenz@monogon.tech>Wed Aug 09 18:24:02 2023 +0200
committerLorenz Brun <lorenz@monogon.tech>Wed Aug 09 21:01:36 2023 +0000
treee6f40f9ee469f824bd3f9bfceae3c6074f95990b
parent6eb3fb31f0d1385e96652b6bee043bd9c5f6a577 [diff] [blame]
t/linux: update to 5.15.125

This kernel contains additional handling and workarounds for Gather Data
Sampling aka Downfall (CVE-2022-40982) on Intel CPUs,
Inception (CVE-2023-20569) and Phantom (CVE-2022-23825) on AMD CPUs.

Performant workarounds for these issues also requires updated microcode
for both CPU vendors. Microcode for Intel has already been updated,
AMD's is not merged in linux-firmware yet.

Change-Id: I441c8c7b39a8eec0c42d1aac0375d0d15ec1703d
Reviewed-on: https://review.monogon.dev/c/monogon/+/2048
Reviewed-by: Leopold Schabel <leo@monogon.tech>
Tested-by: Jenkins CI

diff --git a/WORKSPACE b/WORKSPACE
index 265044a..2116738 100644
--- a/WORKSPACE
+++ b/WORKSPACE

@@ -133,7 +133,7 @@
 
 linux_external(
     name = "linux",
-    version = "5.15.122",
+    version = "5.15.125",
 )
 
 load("//third_party/linux-firmware:external.bzl", "linux_firmware_external")