Post by Mike Small
So you may have seen this security update for CVE-2023-20593. If you
don't have that chip or AMD at all do you skip it? Any good reason to
Usually, I install all security patches routinely after some basic
testing that they do not break anything. However, there are some patches
that I do not install:
1) Packages which I have removed, installing a CUPS package would break
by LPRng installation.
2) Updates which I really don't need and maybe earlier have been prone to
break something. An example of such a package is glibc-zoneinfo.
So what about the kernel-firmware package? I will not update any 14.2
system, not only because I don't have any AMD CPU, but mostly because the
kernel-firmware package has become kind of bloated since I initially
installed 14.2. Since a few years back the later kernel-firmware packages
overfills the limited amont of space on my rather small root partitions.
On my Slackware 15.0 systems I have bigger root partitions and plan to
evaluate the update even though I do not have any AMD CPUs now. If I
would get an AMD CPU it would be good to have an up to date system.
Unfortunately the kernel firmware package needs to be evaluated as
upstream providers only provide one such package and during the years
that latest package has turned out to break support for different
hardware with different kernel versions. Maybe they would need to make
the package even more bloated to support all still supported kernel
versions. Maybe they would need to branch off different firmware package
versions for different kernel versions.
I am now on vacation, so I will not be able to evaluate the package for
my 15.0 installations until a few weeks.