Bug#1033780: marked as done (nvidia-graphics-drivers-tesla-470: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Debian Bug Tracking System Wed, 19 Apr 2023 14:21:37 -0700

Your message dated Wed, 19 Apr 2023 21:17:10 +0000
with message-id <e1ppfas-001g1p...@fasolo.debian.org>
and subject line Bug#1033780: fixed in nvidia-graphics-drivers-tesla-470 
470.182.03-1~deb11u1
has caused the Debian Bug report #1033780,
regarding nvidia-graphics-drivers-tesla-470: CVE-2023-0184, CVE-2023-0189, 
CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1033780: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033780
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 -10
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0198, CVE-2023-0199, 
CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, 
CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, 
CVE-2023-0191
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: tag -8 + wontfix
Control: close -8 510.85.02-2
Control: reassign -9 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -9 nvidia-graphics-drivers-tesla: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -9 515.48.07-1
Control: found -9 525.60.13-1
Control: reassign -10 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -10 nvidia-open-gpu-kernel-modules: CVE-2023-0184, 
CVE-2023-0189, CVE-2023-0180, CVE-2023-0183, CVE-2023-0185, CVE-2023-0187, 
CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, 
CVE-2023-0195, CVE-2023-0191
Control: found -10 520.56.06-1
Control: found -10 525.85.12-1
Control: found -10 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: fixed -1 530.41.03-1

https://nvidia.custhelp.com/app/answers/detail/a_id/5452

CVE-2023-0189   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer handler, which may lead to code
execution, denial of service, escalation of privileges, information
disclosure, and data tampering.

CVE-2023-0184   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, which may lead to
denial of service, escalation of privileges, information disclosure, and
data tampering.

CVE-2023-0181   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in a kernel mode layer handler, where memory permissions
are not correctly checked, which may lead to denial of service and data
tampering.

CVE-2023-0191   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
access may lead to denial of service or data tampering.

CVE-2023-0183   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer where an out-of-bounds write can
lead to denial of service and data tampering.

CVE-2023-0180   NVIDIA GPU Display Driver for Linux contains a
vulnerability in a kernel mode layer handler, which may lead to denial
of service or information disclosure.

CVE-2023-0185   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where sign conversion issues may
lead to denial of service or information disclosure.

CVE-2023-0198   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where improper restriction of
operations within the bounds of a memory buffer can lead to denial of
service, information disclosure, and data tampering.

CVE-2023-0187   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
read can lead to denial of service.

CVE-2023-0199   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an out-of-bounds
write can lead to denial of service and data tampering.

CVE-2023-0190   NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a NULL pointer dereference
may lead to denial of service.

CVE-2023-0188   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer handler, where an unprivileged
user can cause an out-of-bounds read, which may lead to denial of
service.

CVE-2023-0194   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to denial of service.

CVE-2023-0195   NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability in the kernel mode layer driver, where an invalid
display configuration may lead to information disclosure.


Linux Driver Branch     CVE IDs Addressed

R530, R525, R515        CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0183, CVE-2023-0185, CVE-2023-0187,
                        CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
                        CVE-2023-0190, CVE-2023-0194, CVE-2023-0195,
                        CVE-2023-0191

R470                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0187, CVE-2023-0198,
                        CVE-2023-0199, CVE-2023-0188, CVE-2023-0190,
                        CVE-2023-0194, CVE-2023-0195, CVE-2023-0191

R450                    CVE-2023-0184, CVE-2023-0189, CVE-2023-0180,
                        CVE-2023-0185, CVE-2023-0198, CVE-2023-0199,
                        CVE-2023-0188, CVE-2023-0190, CVE-2023-0194,
                        CVE-2023-0195, CVE-2023-0191


Driver Branch   Affected Driver Versions                        Updated Driver 
Version
R530            All driver versions prior to 530.41.03          530.41.03
R525            All driver versions prior to 525.105.17         525.105.17
R515            All driver versions prior to 515.105.01         515.105.01
R470            All driver versions prior to 470.182.03         470.182.03
R450            All driver versions prior to 450.236.01         450.236.01


Andreas

--- End Message ---

--- Begin Message ---

Source: nvidia-graphics-drivers-tesla-470
Source-Version: 470.182.03-1~deb11u1
Done: Andreas Beckmann <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-470, which is due to be installed in the Debian 
FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1033...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated 
nvidia-graphics-drivers-tesla-470 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 17 Apr 2023 04:41:27 +0200
Source: nvidia-graphics-drivers-tesla-470
Architecture: source
Version: 470.182.03-1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1028261 1031185 1033543 1033774 1033780
Changes:
 nvidia-graphics-drivers-tesla-470 (470.182.03-1~deb11u1) bullseye; 
urgency=medium
 .
   * Rebuild for bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.182.03-1) unstable; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033780)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.  (Closes: #1028261)
   * Updated Turkish (tr) debconf translations by Atila KOÇ. (Closes: #1033543)
 .
 nvidia-graphics-drivers (470.182.03-1) bullseye; urgency=medium
 .
   * New upstream production branch release 470.182.03 (2023-03-30).
     * Fixed CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185,
       CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188,
       CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191.
       https://nvidia.custhelp.com/app/answers/detail/a_id/5452
       (Closes: #1033774)
     * Improved compatibility with recent Linux kernels.
 .
   [ Andreas Beckmann ]
   * Refresh patches.
   * nvidia-detect: Drop support for stretch(-lts) (EoL).
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * New Brazilian Portuguese (pt_BR) debconf translations by Paulo Henrique de
     Lima Santana.
   * Updated Turkish (tr) debconf translations by Atila KOÇ.
   * Bump Standards-Version to 4.6.2. No changes needed.
   * Upload to bullseye.
 .
 nvidia-graphics-drivers-tesla-470 (470.161.03-2) unstable; urgency=medium
 .
   * Backport acpi_op_remove changes from 470.182.03 to fix kernel module build
     for Linux 6.2.
   * Backport drm_connector_has_override_edid changes from 525.78.01 to fix
     kernel module build for Linux 6.2.
   * Drop support for building modules for non-native kernel architectures.
   * nvidia-tesla-470-alternative: Access kmod config files over a versioned
     symlink (510.108.03-3).
   * Add versioned Provides: nvidia-kernel-dkms-any (515.65.01-1).
   * Fix nvngx.dll install location (525.89.02-1).  (Closes: #1031185)
   * Bump Standards-Version to 4.6.2. No changes needed.
Checksums-Sha1:
 845a910fc37b834d9846a8a40f2d99f6ee1b4ef1 8188 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1.dsc
 7e97ffa7747fbe395632bb67aad21faede0555bf 211444 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1.debian.tar.xz
 16287b50b7001a1b4f701413fd1988a170dcb37e 8455 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1_source.buildinfo
Checksums-Sha256:
 e9c61747c86e0178d9f8582966ddf6c3b2d11f5af2286bc42cff60efbf42d09e 8188 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1.dsc
 a0a6b0667f7f3ac6d5ca423852d689e562b38a0c9eac76b9cb0791d6851a4969 211444 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1.debian.tar.xz
 dfa6ec8c682b8a5e4692e154e54a33570c1adfbbaf4d596cc229fbfb68f9e74e 8455 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1_source.buildinfo
Files:
 1a5558069780249b114e76af05bdb54b 8188 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1.dsc
 737602c112cf81531600499aa077dc62 211444 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1.debian.tar.xz
 47d4ba50b9238ee7d250f039dc981617 8455 non-free/libs optional 
nvidia-graphics-drivers-tesla-470_470.182.03-1~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmQ8sr0QHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCEPzD/9duVaZD3xsPBHVyN/I36vfa77+JQ1NMjLp
832RMcNLRMdrloyiVbk2ZBTWtSLmCmlAmOAStJJESbCmgi3/kHd8fZwrl8aYr04p
jI01tvkr4MGTkrdS7CHlOB4SlBWSmdUKG7Eb6egoCPfl3XO9YJx0Gs+lUFZNdHZY
UA5T4SX2hZUNjTiPFQQqJT03UncCuBrJfXt3sWR+JM/eWY3PLW9zMql2IvWKd2Ur
WB/q75X8QgABk+XR+r1N9B2O9xaRtMXWNFtfEqxYLMpe3RnnlARKeDNVpYjta26G
aLZ6+3xmP/K5FpO/CLYx5+fLIqzdphihno6yzzUyQWlRJS1PauK9D1nV56JuI6mx
Sp0yA6N1rZEjv57nU5DtcS9h1C1ME3HrY/wJROsJXs1dhcN9PRSMYNFZpsPsB83h
Fyg/HLHb2fq7AP44zqXcsp3NMPSHd2AHzOYvcLc2XzvDtplQmDtXgAAejkPsy/k4
7zuw5ILInQ/ssH8Bqu3ml4QfdDVKVUBIeutISf/W4JtVugEEI67tcxE5njltncMb
IrjpoyqIpHNCFi/d/UFK/BIjmt/6RmXUOB3EOhcJ9UR/6L1pZWa2ATFqu5iYdpAF
fTZV92JXuhWK1GOcNEQnZyb021rnJUBgOMOrJYiqv8TGaoPNbFoqcn/sVF7gzw07
kychShC/eA==
=AI9e
-----END PGP SIGNATURE-----

--- End Message ---

Bug#1033780: marked as done (nvidia-graphics-drivers-tesla-470: CVE-2023-0184, CVE-2023-0189, CVE-2023-0180, CVE-2023-0185, CVE-2023-0187, CVE-2023-0198, CVE-2023-0199, CVE-2023-0188, CVE-2023-0190, CVE-2023-0194, CVE-2023-0195, CVE-2023-0191)

Reply via email to