Your message dated Tue, 11 Jul 2023 22:02:08 +0000
with message-id <e1qjlqu-003fvq...@fasolo.debian.org>
and subject line Bug#1039678: fixed in nvidia-graphics-drivers-tesla-470
470.199.02-1~deb12u1
has caused the Debian Bug report #1039678,
regarding nvidia-graphics-drivers: CVE-2023-25515, CVE-2023-25516
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1039678: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039678
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-25515,
CVE-2023-25516
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-25515,
CVE-2023-25516
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-25515,
CVE-2023-25516
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-25515,
CVE-2023-25516
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-25515,
CVE-2023-25516
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-25515,
CVE-2023-25516
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2023-25515,
CVE-2023-25516
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2023-25515,
CVE-2023-25516
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5468
CVE-2023-25515 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where unexpected untrusted data is parsed, which may
lead to code execution, denial of service, escalation of privileges,
data tampering, or information disclosure.
CVE-2023-25516 NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged user can
cause an integer overflow, which may lead to information disclosure and
denial of service.
Linux Driver Branch CVE IDs Addressed
R535, R525, R470, R450 CVE-2023-25515, CVE-2023-25516
Driver Branch Affected Driver Versions Updated Driver
Version
R535 All driver versions prior to 535.54.03 535.54.03
R525 All driver versions prior to 525.125.06 525.125.06
R470 All driver versions prior to 470.199.02 470.199.02
R450 All driver versions prior to 450.248.02 450.248.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers-tesla-470
Source-Version: 470.199.02-1~deb12u1
Done: Andreas Beckmann <a...@debian.org>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-tesla-470, which is due to be installed in the Debian
FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1039...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated
nvidia-graphics-drivers-tesla-470 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 10 Jul 2023 15:47:40 +0200
Source: nvidia-graphics-drivers-tesla-470
Architecture: source
Version: 470.199.02-1~deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1038004 1039678 1039684
Changes:
nvidia-graphics-drivers-tesla-470 (470.199.02-1~deb12u1) bookworm;
urgency=medium
.
* Rebuild for bookworm.
.
nvidia-graphics-drivers-tesla-470 (470.199.02-1) unstable; urgency=medium
.
* New upstream production branch release 470.199.02 (2023-06-26).
* Fixed CVE-2023-25515, CVE-2023-25516. (Closes: #1039684)
https://nvidia.custhelp.com/app/answers/detail/a_id/5468
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
.
nvidia-graphics-drivers (470.199.02-1) bullseye; urgency=medium
.
* New upstream production branch release 470.199.02 (2023-06-26).
* Fixed CVE-2023-25515, CVE-2023-25516. (Closes: #1039678)
https://nvidia.custhelp.com/app/answers/detail/a_id/5468
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
* Upload to bullseye.
.
nvidia-graphics-drivers-tesla-470 (470.182.03-2) unstable; urgency=medium
.
* Backport vm_area_struct_has_const_vm_flags changes from 470.199.02 to fix
kernel module build for Linux 6.3. (Closes: #1038004)
* Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel
module build for Linux 6.4.
.
nvidia-graphics-drivers-tesla-470 (470.182.03-1~deb11u1) bullseye;
urgency=medium
.
* Rebuild for bullseye.
Checksums-Sha1:
56036d4528681dadf6a053cfcc4399a420100513 8188
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1.dsc
f0a700d5ab787f4c0f432baa4a1beb2b7e0e8551 211844
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1.debian.tar.xz
135e55242ea084bd09d74e7eec6c2757ad6f0c72 7807
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1_source.buildinfo
Checksums-Sha256:
29998602b33243e9d4cbc851b0e6f1847d6c7ad8b1657ff7da599dd41275084a 8188
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1.dsc
d23ee07afaa2f9381f793eddcebc7ee5eee2c74aa07cc38a20d27eb48239707e 211844
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1.debian.tar.xz
f9151a504c8f0f68c6db54b44cc3212ad93c66ea647084452539e695b7cc3a80 7807
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1_source.buildinfo
Files:
a8efd78b67b5c67062b35e3c223bc230 8188 non-free/libs optional
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1.dsc
92915678235c992244b8fc22f8ff275f 211844 non-free/libs optional
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1.debian.tar.xz
584d0694c0010da62d6c3c125c78e17b 7807 non-free/libs optional
nvidia-graphics-drivers-tesla-470_470.199.02-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmSsgjIQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCNLzD/9h91shhy+Xvo4FT3sMfs9R2hF+1sPwmVuU
hYNqN+aIAN8Zn/Aoge9W18WLTYv0EfozAkVbyLC2iLD3bzN5GpkiLRh+pvlIFAQN
D8G9fB+t6TYm4vsi5TRzdMXQxqQ1VOFetO5LtCk+1JJXeW9k+vY3V5Uhp8YBLtfk
K2Np87tlcx4aSl6kPr4iMRrKShlUo/p4U/a18W75Z9nQJXMHZzAuv6q3TCSFeBFO
t7kY8sfqwyviyJaa7gR9WP/zOI/nnopgJSbmcqz3DI5VEODc5o82arQXOYy6ourX
M+vH2EGMQKNutZxOEcoNmUdMy8As/509ELxSTlX/K6d8QZ1F1Tw90wJqECSADyRl
GZAXTRldooTKaf/8+htQX/J2E4FiWAdQ+lq09IMTx9Ag+EEqbT5zuOedXyLdpacz
ylIhQatVlqNTzgdJfECXo3VEdltq1YH6b1K7WcYQFEbm+3nf+sUN4t4RHVDUC4OE
himqMmiJ6K6TAma/Vwqs4BEtkJ9pJQKaBGJ7WM+vzIWwxvsU2f6KdCggmM1oAktQ
edlC7hY9T5sUh9O79yyzaiTRNRN4M4rIVXBkRaWXic2+llKBeAHaVod/xc1mbWyO
IhUkZJRFX5yk5Sdyv2/WmNOqJyHPrEydN6ugDoCNvbHXcYowCS+UX0SUxEmLLRS7
8tM85ueDGQ==
=P3mG
-----END PGP SIGNATURE-----
--- End Message ---