Bug#1033774: marked as done (nvidia-graphics-drivers: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Debian Bug Tracking System Wed, 19 Apr 2023 09:51:25 -0700

Your message dated Wed, 19 Apr 2023 16:47:10 +0000
with message-id <e1ppaxa-000gdi...@fasolo.debian.org>
and subject line Bug#1033774: fixed in nvidia-graphics-drivers 470.182.03-1
has caused the Debian Bug report #1033774,
regarding nvidia-graphics-drivers: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, 
CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1033774: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033774
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: tag -8 + wontfix
Control: close -8 510.85.02-2
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -9 515.48.07-1
Control: found -9 525.60.13-1
Control: reassign -10 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -10 nvidia-open-gpu-kernel-modules: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -10 520.56.06-1
Control: found -10 525.85.12-1
Control: found -10 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: fixed -1 530.41.03-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5452

CVE-2023-0189   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, which may lead to code
execution, denial of service, escalation of privileges, information
disclosure, and data tampering.

CVE-2023-0184   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, which may lead to
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2023-0181   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in a kernel mode layer handler, where memory permissions
are not correctly checked, which may lead to denial of service and data
tampering.

CVE-2023-0191   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
access may lead to denial of service or data tampering.

CVE-2023-0183   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer where an out-of-bounds write can
lead to denial of service and data tampering.

CVE-2023-0180   NVIDIA GPU Display Driver for Linux contains a
vulnerability in a kernel mode layer handler, which may lead to denial
of service or information disclosure.

CVE-2023-0185   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where sign conversion issues may
lead to denial of service or information disclosure.

CVE-2023-0198   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where improper restriction of
operations within the bounds of a memory buffer can lead to denial of
service, information disclosure, and data tampering.

CVE-2023-0187   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
read can lead to denial of service.

CVE-2023-0199   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
write can lead to denial of service and data tampering.

CVE-2023-0190   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a NULL pointer dereference
may lead to denial of service.

CVE-2023-0188   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
user can cause an out-of-bounds read, which may lead to denial of
service.

CVE-2023-0194   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to denial of service.

CVE-2023-0195   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to information disclosure.


Linux Driver Branch     CVE IDs Addressed

R530, R525, R515        CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0183, CVE-2023-0185, CVE-2023-0187,
                        CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
                        CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
                        CVE-2023-0191

R470                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0187, CVE-2023-0198,
                        CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
                        CVE-2023-0194, CVE-2023-0195, CVE-2023-0191

R450                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0198, CVE-2023-0199,
                        CVE-2023-0188, CVE-2023-0190, CVE-2023-0194,
                        CVE-2023-0195, CVE-2023-0191


Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R530            All driver versions prior to 530.41.03          530.41.03
R525            All driver versions prior to 525.105.17         525.105.17
R515            All driver versions prior to 515.105.01         515.105.01
R470            All driver versions prior to 470.182.03         470.182.03
R450            All driver versions prior to 450.236.01         450.236.01


Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers
Source-Version: 470.182.03-1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1033...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 12 Apr 2023 17:05:48 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 470.182.03-1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1031185 1033774
Changes:
 nvidia-graphics-drivers (470.182.03-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033774)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-detect: Drop support for stretch(-lts) (EoL).
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.
   * Updated Turkish (tr) debconf translations by Atila KOÇ.
   * Bump Standards-Version to 4.6.2. No changes needed.
   * Upload to bullseye.
Checksums-Sha1:
 d81d4b75650c8a1dc4ba0efa7358d839b0d1e90b 7202 
nvidia-graphics-drivers_470.182.03-1.dsc
 0adab17fd3888730cfc5bccafb4c390d5092dfe5 271670739 
nvidia-graphics-drivers_470.182.03.orig-amd64.tar.gz
 193d136c46f378abc0f5ce8cfca77482d22e427f 184017921 
nvidia-graphics-drivers_470.182.03.orig-arm64.tar.gz
 6d6f985f3fec926d7735e923edb743b8cf7e4792 141 
nvidia-graphics-drivers_470.182.03.orig.tar.gz
 c9e12a3a2e92a728a207152d6f10c2874bb94557 209772 
nvidia-graphics-drivers_470.182.03-1.debian.tar.xz
 8259f2a3e4f8984b74c3950373f817e279e1c22e 8373 
nvidia-graphics-drivers_470.182.03-1_source.buildinfo
Checksums-Sha256:
 7d5017781e60480763b53a9349f50ce3ef187893ed65c26d6c47d15c12e4e379 7202 
nvidia-graphics-drivers_470.182.03-1.dsc
 99170589e476f6877f7e32688980f5b42db232bb5ddad4b34292f9aec8d5499f 271670739 
nvidia-graphics-drivers_470.182.03.orig-amd64.tar.gz
 d91960051d2c0a3408ae3252e4255ba5c5ab4d6dc3ec63b2704959f4273914c5 184017921 
nvidia-graphics-drivers_470.182.03.orig-arm64.tar.gz
 8f8301ff0585d003662da586e717ad980603b74df508a2acd32c892b2542a28d 141 
nvidia-graphics-drivers_470.182.03.orig.tar.gz
 cf85c2b0e286bfe2399e2b42a6106b307aef05da9a132e2a217069cdcdf309b7 209772 
nvidia-graphics-drivers_470.182.03-1.debian.tar.xz
 4d2f75f27d92e8d3eba8c3f40a9a344fb243943d31c7a7497363e515b9dc2299 8373 
nvidia-graphics-drivers_470.182.03-1_source.buildinfo
Files:
 b0f71371f8a17f4bb98adc6633c454ff 7202 non-free/libs optional 
nvidia-graphics-drivers_470.182.03-1.dsc
 6768adb701046aef7315c6feb853efa8 271670739 non-free/libs optional 
nvidia-graphics-drivers_470.182.03.orig-amd64.tar.gz
 da15704131e17f3cdbd8a87cfd82ac03 184017921 non-free/libs optional 
nvidia-graphics-drivers_470.182.03.orig-arm64.tar.gz
 e7efbc7d57e1a6854c51cea047be5b06 141 non-free/libs optional 
nvidia-graphics-drivers_470.182.03.orig.tar.gz
 b6928b9b38cd7a5debd54fe2575c4a32 209772 non-free/libs optional 
nvidia-graphics-drivers_470.182.03-1.debian.tar.xz
 b0d81af95b31a404fc731e712cf967fa 8373 non-free/libs optional 
nvidia-graphics-drivers_470.182.03-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmQ21gsQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCEBFD/0ZKer/cxlAdcsUlQS/ZpGPKsj41rzgTlnO
dpAuT2uZR36UbS8sLypW5u5NAZ4hckEgTO+pocBMAdOxi3wvyxwvAboXY2aaev4t
KURr6kcarplxrjEdj+Z+LGP2vWrJLyeP4fwrkvubgk5o8yRf5Bd5KTTuh59KpFHY
lMe55JF6PbleDhVDjP2wcC3hr7pb4JR+ntQ5dPPC6Dyu5lmXKhHEIVsMJnUNDL5b
R8UzdIfuRs4tB/ZmKibPFRVuG6WUoJfSq3ckj8OGMVG2EMwayBYwBtazNtZMQG7s
DzBwpdep+0Zil04s0dJZsNByAMXAKKlKrnLlXO4UON6UJYprgC7KSZl/4GhSXh67
YnJYegCUHXgJduS+7jZg5tUCU6yUSmTxJAGRJqzi+jjT8VKJVwMXICMa/f7OQV/p
BwfsYfpgdxeZ2nI3vVF3DprabvMQX4yzLv4UqybrOmPTh6yGWWYtuVSZek3M//wh
mQ/JZI1PSSGxlQRdKER8CuZvbAN7mwCX7pJ9F2KT3eJmO5otI0uXKMdLd8jLSAze
dR5vcwqe9zuI+iA8NyNAgdQYuB44D26ufYP/tUQaulcdp30ov4DsK/OVJN1jf7ag
iVmfrl5sbYnCGtJ2++gGis0p3mwyvGe1W07Snt7+Oq13Y7nedD8RpMqF+BuvDPhV
SN7+0/1voQ==
=ARRG
-----END PGP SIGNATURE-----

--- End Message ---

Bug#1033774: marked as done (nvidia-graphics-drivers: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Reply via email to