t/{linux,-firmware}: fix Zenbleed (CVE-2023-20593) This fixes the Zenbleed vulnerability by including the latest fixed microcode from linux-firmware. They don't do proper release management but just tag a date approximately every month to keep distros happy. Thus we need to use a master commit to get the fixes now. Also update Linux to 5.15.122 to make sure that we know in case the microcode fix somehow didn't get applied. Change-Id: I5e26826e6df0f665e1a23efe8587dfb93edb2d94 Reviewed-on: https://review.monogon.dev/c/monogon/+/1974 Reviewed-by: Leopold Schabel <leo@monogon.tech> Tested-by: Jenkins CI

commit: 78a538df4c1112bad6bee08509385af8d0ecc77a [log] [tgz]
author: Lorenz Brun <lorenz@monogon.tech> Tue Jul 25 21:39:04 2023 +0200
committer: Lorenz Brun <lorenz@monogon.tech> Wed Jul 26 12:39:17 2023 +0000
tree: 7c0c3d44f2334a2305242f768322f36a175434a9
parent: 90613afdf11f7831fc0a673f2fe502c28ab93729 [diff] [blame]
diff --git a/WORKSPACE b/WORKSPACE
index fb00bd9..c76fe4b 100644
--- a/WORKSPACE
+++ b/WORKSPACE

@@ -133,14 +133,14 @@
 
 linux_external(
     name = "linux",
-    version = "5.15.104",
+    version = "5.15.122",
 )
 
 load("//third_party/linux-firmware:external.bzl", "linux_firmware_external")
 
 linux_firmware_external(
     name = "linux-firmware",
-    version = "20230310",
+    version = "b6ea35ff6b9869470a0c68813f1668acb3d356a8",
 )
 
 load("//third_party/intel_ucode:external.bzl", "intel_ucode_external")
commit	78a538df4c1112bad6bee08509385af8d0ecc77a	[log] [tgz]
author	Lorenz Brun <lorenz@monogon.tech>	Tue Jul 25 21:39:04 2023 +0200
committer	Lorenz Brun <lorenz@monogon.tech>	Wed Jul 26 12:39:17 2023 +0000
tree	7c0c3d44f2334a2305242f768322f36a175434a9
parent	90613afdf11f7831fc0a673f2fe502c28ab93729 [diff] [blame]