Hi all!
There was a flaw announced and patches released that is trivially
executable in a large number of AMD environments (CVE-2023-20593). We
announced Monday that we had a patch for Zenbleed ready
<https://almalinux.org/blog/zenbleed-patch-call-for-testing/> (please read
the blog post for full details), but wanted testing.
So far we have seen a significant number of users and companies apply the
patches with our updated linux-firmware package with no reported problems,
and therefore we plan to push the updated package live at 07:00 US eastern
time July 27th.
If you are at all concerned, we encourage you to test in your own
environment and let us know if you find any problems.
As a side note: we already have been, but are continuing to discuss the
right way to handle this in a sustainable way going forward. If you have
interest in being part of that solution, join our chat and keep an eye out
for when we start to build those structures, and make sure to join us at
the AlmaLinux OS Foundation <https://almalinux.org/members/>.
--
Jonathan Wright
AlmaLinux Foundation
Mattermost: chat <https://chat.almalinux.org/almalinux/messages/@jonathan>
