Agree with Explorer09. Why are my Intel systems now getting AMD microcode packages and why are my AMD systems getting Intel microcode packages?? This is a bug.
I would rather it see that I already have one of them installed that matches my CPU and call it good. If that isn't an option, then just a recommends. In the meantime, I just blocked these meta packages from updating on my systems. Thanks. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-meta in Ubuntu. https://bugs.launchpad.net/bugs/1738259 Title: need to ensure microcode updates are available to all bare-metal installs of Ubuntu Status in linux-meta package in Ubuntu: Triaged Status in linux-meta-hwe package in Ubuntu: New Status in linux-meta-hwe-edge package in Ubuntu: New Status in linux-meta-lts-xenial package in Ubuntu: Fix Released Status in linux-meta-oem package in Ubuntu: Fix Released Status in linux-meta source package in Precise: New Status in linux-meta source package in Trusty: Fix Released Status in linux-meta source package in Xenial: Fix Released Status in linux-meta-hwe source package in Xenial: Fix Released Status in linux-meta-hwe-edge source package in Xenial: Fix Released Status in linux-meta-lts-xenial source package in Xenial: Fix Committed Status in linux-meta-oem source package in Xenial: Fix Released Status in linux-meta source package in Zesty: Invalid Status in linux-meta source package in Artful: Fix Released Status in linux-meta source package in Bionic: Fix Committed Bug description: From time to time, CPU vendors release updates to microcode that can be loaded into the CPU from the OS. For x86, we have these updates available in the archive as amd64-microcode and intel-microcode. Sometimes, these microcode updates have addressed security issues with the CPU. They almost certainly will again in the future. We should ensure that all users of Ubuntu on baremetal x86 receive these security updates, and have them applied to the CPU in early boot where at all feasible. Because these are hardware-dependent packages which we don't want to install except on baremetal (so: not in VMs or containers), the logical place to pull them into the system is via the kernel, so that only the kernel baremetal flavors pull them in. This is analogous to linux-firmware, which is already a dependency of the linux- image-{lowlatency,generic} metapackages, and whose contents are applied to the hardware by the kernel similar to microcode. So, please update the linux-image-{lowlatency,generic} metapackages to add a dependency on amd64-microcode [amd64], intel-microcode [amd64], and the corresponding hwe metapackages also. Please time this change to coincide with the next updates of the microcode packages in the archive. I believe we will also need to promote the *-microcode packages to main from restricted as part of this (again, by analogy with linux- firmware). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1738259/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
