Your message dated Sat, 03 Sep 2022 12:49:13 +0000 with message-id <e1ousah-00edad...@fasolo.debian.org> and subject line Bug#1016616: fixed in nvidia-graphics-drivers-legacy-390xx 390.154-1~deb11u1 has caused the Debian Bug report #1016616, regarding nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016616: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016616 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nvidia-graphics-drivers Severity: serious Tags: security upstream Control: clone -1 -2 -3 -4 -5 -6 -7 -8 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1 Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5383 CVE-2022-31607 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure. CVE-2022-31608 NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVE-2022-31615 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. Linux Driver Branch CVE IDs Addressed R515, R510, R470, R450, R390 CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Andreas
--- End Message ---
--- Begin Message ---Source: nvidia-graphics-drivers-legacy-390xx Source-Version: 390.154-1~deb11u1 Done: Andreas Beckmann <a...@debian.org> We believe that the bug you reported is fixed in the latest version of nvidia-graphics-drivers-legacy-390xx, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers-legacy-390xx package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 29 Aug 2022 11:50:39 +0200 Source: nvidia-graphics-drivers-legacy-390xx Architecture: source Version: 390.154-1~deb11u1 Distribution: bullseye Urgency: medium Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Closes: 1012618 1012700 1016616 Changes: nvidia-graphics-drivers-legacy-390xx (390.154-1~deb11u1) bullseye; urgency=medium . * Rebuild for bullseye. . nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium . * Rebuild for buster. . nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium . * New upstream legacy branch release 390.154 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 * Improved compatibility with recent Linux kernels. . [ Andreas Beckmann ] * Refresh patches. * Minor packaging sync and cleanup (470.129.06-6). * Drop references to kernel-package and make-kpkg, gone since stretch (470.141.03-1). * Overhaul build-module-packages.sh (470.141.03-1). * Add module-assistant based autopkgtest for the *-source package (470.141.03-1). * Simplify changelog management for the *-source package (470.141.03-1). * Copy the Source stanza from d/control to the module control file (470.141.03-1). * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium . * Backport pci/dma changes from 470.129.06 to fix kernel module build for Linux 5.18. (Closes: #1012700, #1012618) * Update lintian overrides. . nvidia-graphics-drivers-legacy-390xx (390.151-1~deb10u1) buster; urgency=medium . * Rebuild for buster. Checksums-Sha1: f622aa53a7819d6ea1a74fce52f5902b0b21960a 8022 nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1.dsc 572e4f75fb4d097fd93d015046f0cb9f55dc5879 178284 nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1.debian.tar.xz b19de02829ac6b3f8f6beeb90dac0a26cdea5c8e 8161 nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1_source.buildinfo Checksums-Sha256: 1bf28761f0b34da9672d5ffff982b589c130183c42cee18ded9f2df8e489edc3 8022 nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1.dsc c04437c32c45d3a412079b68a941e4fecfd54f62a4160691141a9c6a8f5dd3c2 178284 nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1.debian.tar.xz 69f06ae72560005e7ed670d6c1dc9e8559457c82cdb61d36e7e1856ce25ec74a 8161 nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1_source.buildinfo Files: 635f96a999c93e177d8b67059850d006 8022 non-free/libs optional nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1.dsc 38458d82676e79c41bd4d23d77c0e563 178284 non-free/libs optional nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1.debian.tar.xz 63277047ae54f426587ada22f2d97b53 8161 non-free/libs optional nvidia-graphics-drivers-legacy-390xx_390.154-1~deb11u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmMMjQoQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCPsXEACt4AizTC6ClGP3Kq2mBnB9MVDotjMvQanG LWEy0vCpzQwFCCyJy36lFIOMfmMlv/2ux+diz9Gi/ix2JiuIrfGklZGwD9nTvqPb tD7N6gIwUqKI6eSrcItu1JafpX9gnjF1Fdi6KyaGaU3HhRLB2YuKHUEA5Ahxdouo 62o/y04KWOWonwDhDqbirr/BHHUHBcYU+glCqriNB4AtuxCNPVA2QPQ14TohSIN9 Kz4ILf8NfH2E2BLCywzOcj5XQh4qjckKazN/z4+JtbdsFtabaeRhd63MFzrPJFRa YPqWpy5FWNxepiNlq/ijCzUGVdub4DkPR1xS4yYEKTGaIJA9CTYh06c+XIiwHhh3 8dVHT7PKgpivMFMAbZ0GoD4xr6PLiSZTI+4Splamyv8C3uB6ULzJGV3JUxuzOvTU VybrnPWfc+woQWawTpI//11ADZ/7+Ec9wRFfArT2YlmNZcwAeHOsMPpGhQ0EHl6A 5Jg3lbcQ7In8PFX4lLhM5EXPIOfVc3lKM47TXkj+q1vdyY7FQTEnaE+OSIHB9eHn L5Aii5IVU32UncirR77mQk3WgNYP6ill59TXkTlgSoz637ATEo3OKwKdGIrNJ+xa O2/I9wtzegmNQaNy5iSzJFp0yy+At9uAACCXV+wVQ6pXF5+mK34yu0jUsB0ozxpR WedjhfEmBA== =bqIz -----END PGP SIGNATURE-----
--- End Message ---
