Your message dated Sat, 03 Sep 2022 12:49:12 +0000 with message-id <e1ousag-00ed9m...@fasolo.debian.org> and subject line Bug#1016614: fixed in nvidia-graphics-drivers 470.141.03-1~deb11u1 has caused the Debian Bug report #1016614, regarding nvidia-graphics-drivers: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016614: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016614 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nvidia-graphics-drivers Severity: serious Tags: security upstream Control: clone -1 -2 -3 -4 -5 -6 -7 -8 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1 Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5383 CVE-2022-31607 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure. CVE-2022-31608 NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVE-2022-31615 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. Linux Driver Branch CVE IDs Addressed R515, R510, R470, R450, R390 CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Andreas
--- End Message ---
--- Begin Message ---Source: nvidia-graphics-drivers Source-Version: 470.141.03-1~deb11u1 Done: Andreas Beckmann <a...@debian.org> We believe that the bug you reported is fixed in the latest version of nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 02 Sep 2022 10:57:14 +0200 Source: nvidia-graphics-drivers Architecture: source Version: 470.141.03-1~deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Closes: 1016614 1016736 Changes: nvidia-graphics-drivers (470.141.03-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. Checksums-Sha1: 901fbaadcd60e5a4b1e60602d42d809ee31ad25a 7088 nvidia-graphics-drivers_470.141.03-1~deb11u1.dsc d0db04dd1e0555ffb8baab1c3f01fd26415fccc4 209644 nvidia-graphics-drivers_470.141.03-1~deb11u1.debian.tar.xz e430ff51f2399962589c2f691029af2b9026b680 8171 nvidia-graphics-drivers_470.141.03-1~deb11u1_source.buildinfo Checksums-Sha256: 28dbf184e3137f70bbe3d1395fc34444cbeca8013b20821cbdc1bda8073dad74 7088 nvidia-graphics-drivers_470.141.03-1~deb11u1.dsc c23ea0f36dcd43a897d9a003ae27ba531598d6b46f4edf688e87e91f8a576304 209644 nvidia-graphics-drivers_470.141.03-1~deb11u1.debian.tar.xz 91c30a3583cff69f9b89ad41c2feef522e37f9d0f9d95b9debb8f8e3344642e3 8171 nvidia-graphics-drivers_470.141.03-1~deb11u1_source.buildinfo Files: aad6bb0649d9398406cb716907353f50 7088 non-free/libs optional nvidia-graphics-drivers_470.141.03-1~deb11u1.dsc 2527a1d748aaa3b9b372e97eabdb64b7 209644 non-free/libs optional nvidia-graphics-drivers_470.141.03-1~deb11u1.debian.tar.xz fd9afe540b6b57ab21658ac6f3d3f717 8171 non-free/libs optional nvidia-graphics-drivers_470.141.03-1~deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmMRxrEQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCKJuEACcrJiwDs542iPAfYCbx0O0Z65oNr54hyoq hwfgzxK1soKtIj6r2YooNnAtux5A9EH/TE4KV4MjNb3Dpc4Ae2iufGxtl4r+N8Fb vbxl1HMqVKfswa+PEUfeaAzVlJB4Zgs/E8f7JajQllGh/t92DmsXrpDMyLpsEv3p 6KjxIGb/nZ2/CrtAR9jrKBhU94PCpdbge0oRYG9XUmgRjKcGNb+yOnuZ7Zppntmt XNj89duVi70QIacq6bjsKHgBm+eOZmPCza9xcIzYWxukuLuR01+nvTnRJWINy2m4 ifY/Re0x7PJonJtBe/dlX6oSSqHcw85BUPLffo011Q+q6rTVIeWmZ41WpFJo+Hhz 3euKLp/LehJPlHmeruoWUyIv6fcHp3fBTVdRaps9zjZvZ+g6elNaXdyntr2YOAHI I+6rc0P175yYuBCwowsMX3msO2cnrGJYZT4k5rtZBvhA13pbMWJWAptuWjMfzfkI ZF5+oeIPZByT3CdZrjcQPxZmixXwH0uMrsjXHoecAw2HXFqcVWokmW20sPD+8IEf U+AnjAyXeyuz5VWj03PnAO4Z8YpvVIv30jzJiL2E9kj+yVsZBJIcKoaiY2CponwL jWKTiKdha+CTzyWZwUSFs5a1dEw0y3GfsmiY7Wxy7EgoVKnkVocKC6zW9nbz9swV gDr3yGh00Q== =KDoN -----END PGP SIGNATURE-----
--- End Message ---
