As of 13 March 2024. "pkg audit" reports the following vulnerabilities in FreeBSD 13.3-RELEASE-p1:
cpu-microcode-intel-20231114 is vulnerable: Intel processors - multiple vulnerabilities CVE: CVE-2023-43490 CVE: CVE-2023-22655 CVE: CVE-2023-28746 CVE: CVE-2023-38575 CVE: CVE-2023-39368 WWW: https://vuxml.FreeBSD.org/freebsd/b6dd9d93-e09b-11ee-92fc-1c697a616631.html Found 1 issue(s) in 1 installed package(s). The website https://www.freshports.org/sysutils/cpu-microcode-intel/ shows that an update to the package appeared the day before (2024-03-12), but the BINARY package providing THE UPDATE IS STILL NOT AVAILABLE! Should this be the case? Or, should I update the microcode in some other way? Marek Anioła
