COMMENT_PUBLIC
--------------
PRIMERGY TX1320 M3 / TX1330 M3 uEFI FW changes:
uEFI FW - V5.0.0.11 R1.33.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Vulnerability: Update OpenSSL library from 1.0.2h to 1.1.1n. Following CVEs
are addressed.
CVS-2019-1551, CVE-2020-1968, CVE-2021-23840, CVE-2021-3712, CVE-2022-0778
uEFI FW - V5.0.0.11 R1.32.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Vulnerability: Support for IPU2021.2 (Intel Platform Update).
Following CVEs are addressed.
INTEL-UA-00365, INTEL-SA-00532: CVE-2021-0127 INTEL-SA-00527: CVE-2021-0092,
CVE-2021-0107, CVE-2021-0111, CVE-2021-0114, CVE-2021-0115, CVE-2021-0116,
CVE-2021-0117, CVE-2021-0118, CVE-2021-0156 INTEL-SA-00562: CVE-2021-0157
INTEL-SA-00470: CVE-2021-0060
- Vulnerability: Support for IPU2022.1 (Intel Platform Update).
Following CVEs are addressed.
INTEL-SA-00617: CVE-2022-21151 INTEL-SA-00614: CVE-2022-0005 INTEL-SA-00601:
CVE-2021-0154, CVE-2021-0188, CVE-2021-0189, CVE-2021-33123, CVE-2021-33124
INTEL-SA-00615: CVE-2022-21123, CVE-2022-21127, CVE-2022-21125, CVE-2022-21166
- Microcode update to 000000F0h
- SPS(Server Platform Service) FW update to 04.01.04.500.0
- Added subtitle "Secure Boot Configuration" in BIOS setup menu
uEFI FW - V5.0.0.11 R1.30.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Solved: CPU temperature is high (but just before Warning temperature) in
iRMC Web-UI (Sensors-Temperature). As a result, FAN spins at high speed.
This occurs with only BIOS R1.29.0.
uEFI FW - V5.0.0.11 R1.29.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Vulnerability: Support for IPU2021.1 (Intel Platform Update).
(INTEL-SA-00463:CVE-2020-12357, CVE-2020-8670, INTEL-TA-00464:CVE-2020-24512)
- Solved the issue that "DMAR: (Firmware Bug): No firmware reserved region can
cover this RMRR" is logged at Linux OS boot.
- Update LSI RAID Driver to 06010A00
- Vulnerability: Fixed CVE-2019-14575 related to EDK II
- Vulnerability: Fixed CVE-2021-23841 related to OpenSSL
- Improvement so that OS can collect crash dump by issuing NMI when Memory
Uncorrectable Error or PCI Uncorrectable Error occurred.
- (This is already fixed with R1.28.0) Solved the issue that CD media sometimes
disappears from bot option with Soft-RAID configuration.
uEFI FW - V5.0.0.11 R1.28.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Integration of Intel QSR 2020.2. Update
(CVE-2020-8696, CVE-2020-8694, CVE-2020-8695, CVE-2020-8705)
-Solved: Vulnerability: OpenSSL Vulnerability (CVE-2020-1971)
- eLCM based OS installation ends up in BSPBR - reboot loop.
Added BSPBR Backup/Restore retry at max. 3 times to solve the issue.
(Rollout from RX2540M2)(SA233686525)
-Solved: BIOS hangs with blue screen and POST code AB
after HDD recognition failed with Soft-RAID.(SA233704415)
-When DVD Boot media is attached in AVR and if every boot
options are disabled, OS is still able to boot.(SA233716607)
-RX1330M3 + RHEL 7.5 often freeze, and NMI cannot work.
Once unexpected reboot which cannot initialize CPU register is
occurred, BIOS will reset the system to clear the system.(SA233692678)
-Network Stack setting is not restored via SNTCI because this is excluded
from backup/restore. Added to backup/restore target.
(Rollout from RX1330M2) (SA233725375)
uEFI FW - V5.0.0.11 R1.27.0 for D3373-B1x
==============================================
Changes and problems fixed:
-BIOS settings may not be remained after replacement of system board
with old BIOS revision.
Fixed to ensure restoring between old and new BIOS revisions successfully.
(SA233717720, QH200807-001)
uEFI FW - V5.0.0.11 R1.26.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Integration of Intel QSR 2020.1. Update
(CVE-2020-0594, CVE-2020-0595, CVE-2020-0586, CVE-2020-0542, CVE-2020-0596,
CVE-2020-0538, CVE-2020-0534, CVE-2020-0533, CVE-2020-0566, CVE-2020-0532,
CVE-2020-0541, CVE-2020-0597, CVE-2020-0531, CVE-2020-0535, CVE-2020-0540,
CVE-2020-0536, CVE-2020-0537, CVE-2020-0545, CVE-2020-8674, CVE-2020-0539,
CVE-2020-0543, CVE-2020-0528, CVE-2020-0529, CVE-2020-0548, CVE-2020-0549)
-Remove the microcode of CPUID:506E8 which CPU is not needed to be supported.
uEFI FW - V5.0.0.11 R1.25.0 for D3373-B1x
==============================================
Changes and problems fixed:
-Vulnerability: Support for Intel IPU 2019.2 Q4 Taxi.
(CVE-2019-11157,CVE-2019-14607)
Update uCode from 000000C6h to 000000CAh.
-Solved :Though the PCI slot status was changed to Enabled from Failed,
the PCI error still occurred at POST. (potential issue)
-Solved: Keyboard is not working when booting DOS or PXE in Legacy mode.
-Solved: New boot entries are added when activating PXE Boot Option Retry.
(potential issue)
-Minor bug fix
uEFI FW - V5.0.0.11 R1.24.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Integration of Intel QSR 2019.2 update
CVE-2019-0117,CVE-2019-0123,CVE-2019-0124,CVE-2019-0169,CVE-2019-11132,
CVE-2019-11147,CVE-2019-11105,CVE-2019-11088,CVE-2019-11131,CVE-2019-11104,
CVE-2019-11097,CVE-2019-11103,CVE-2019-0131,CVE-2019-11090,CVE-2019-0165,
CVE-2019-0166,CVE-2019-0168,CVE-2019-11087,CVE-2019-11101,CVE-2019-11100,
CVE-2019-11102,CVE-2019-11106,CVE-2019-11107,CVE-2019-11109,CVE-2019-11110,
CVE-2019-11086,CVE-2019-11108,CVE-2019-0185,CVE-2019-0154
- Minor bug FIX.
uEFI FW - V5.0.0.11 R1.23.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Updated CPU Microcode to Kabylake B0 ID 000000B4h
- Integration of Intel QSR 2019.1 update (CVE-2019-0086, CVE-2019-0089,
CVE-2019-0090, CVE-2019-0091, CVE-2019-0092, CVE-2019-0093, CVE-2019-0094,
CVE-2019-0096, CVE-2019-0097, CVE-2019-0098, CVE-2019-0099, CVE-2019-0153,
CVE-2019-0170, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130)
- Integration of fix for Intel Transactional Synchronization Extensions (TSX)
Memory Ordering Issue
- Fixed a BSOD occurreance when installing Windows Server 2012 with Fujitsu
Server
View Installation Manager
uEFI FW - V5.0.0.11 R1.22.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Support of Windows Server 2019
uEFI FW - V5.0.0.11 R1.21.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Fixed a problem of "SNTCI restore failed" messages in System Event Log
- Fixed an issue that led to random occurences of POST message
"POST - No memory installed" during system startup
- Fixed doubled boot options with RedHat 7.5 installed in UEFI mode
- Restored uEFI FW switch "ASPM support" functionality
- Intel DCI Policy Update included (CVE-2018-3652)
- Added reporting of Intel SPS firmware version to "System Information Page"
uEFI FW - V5.0.0.11 R1.19.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Fixed Side-Channel Analysis Method Vulnerability
(CVE-2018-3639, CVE-2018-3640, INTEL SA-00115)
uEFI FW - V5.0.0.11 R1.18.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Fixed an issue with incorrect system time change due to Daylight Saving
- Restored HDD hot plug functionality in AHCI mode
- Component information for QLogic QL45212 is now displayed in iRMC network
inventory
uEFI FW - V5.0.0.11 R1.17.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Update to Intel Kabylake Microcode ID 00000084h
- Fix for side-channel analysis security flaws - known as
Spectre & Meltdown
Resolved issues:
- OS-Boot is possible with additional RDIMM in different channel
- A NVRAM variable could no longer be changed, after a delete operation
was executed once, on this variable.
- Special keys, like arrows or function key are not working from remote,
with serial console redirection.
- Removed an obsolete warning message at the BIOS Setup Secure Boot screen,
if the Compatibility Support Module (CSM) is disabled.
- Corrupted Secure Boot BIOS Setup screen.
- Setting the BIOS defaults while OS runtime via GABI, lead to an error
message.
- After normal DOS BIOS update all BIOS Setup settings are set to default
values
- 'POST - BIOS flash update failed' message appear in POST
New features:
- Report the PCIe slot number instead of the PFA for PCIe Root Port errors
- Report TPM FW revision in BIOS setup
- Enable Hot-plug for each SATA port, to allow LSI Software RAID
(Setup default)
- Remove AFU Flash Support
- AHCI Hotplug: Enable SATA AHCI hotplug unconditionaly
uEFI FW - V5.0.0.11 R1.13.0 for D3373-B1x
==============================================
Changes and problems fixed:
- Resolved an issue with Nvidia NVS315 only displaying a black screen after
an uEFI FW update was performed
uEFI FW - V5.0.0.11 R1.11.0 for D3373-B1x
==============================================
Changes and Problems fixed:
- Support for TPM 1.2 and TPM 2.0 modules
- Resolved an issue with TPM hardware logging non-recoverable errors
(EventID 15) in Windows System Event Log
- Resolved issue that Bitlocker fails with an internal error when TPM 2.0
module is used with Windows Server 2016
- Resolved wrong behavior that the boot device order is changed after uEFI
FW defaults were loaded
uEFI FW - V5.0.0.11 R1.5.0 for D3373-B1x
==============================================
Changes and Problems fixed:
- RESTful API feature is enabled
- Update to Intel Kabylake Microcode ID 0000005Eh fixing the Intel Hyper-
Threading bug with Kabylake processors
- Resolved an issue with Nvidia NVS315 GPU causing PCIe SERR error messages
being logged into iRMC SEL when Windows Server 2016 is installed
- Resolved issue that BSPBR (BIOS Single Parameter Backup / Restore) sets
a wrong uEFI FW password
uEFI FW - V5.0.0.11 R1.3.0 for D3373-B1x
==============================================
- Initial Release
COMMENT_CRITICAL
----------------
BIOS- or firmware updates always require a closing system reboot.
Important notes for Windows Operating Systems
===========================================
To enable BIOS / firmware updates, the BitLocker Drive Encryption must be temporarily disabled.
After the updates have been completed,the BitLocker Drive Encryption can be re-enabled.
Important notes for Linux Operating Systems
===========================================
XEN operating systems:
-------------------------------------------------------
Currently BIOS updates under XEN are not supported.
To update the BIOS please boot the system in non XEN mode or use offline update from Update DVD.