Your message dated Sat, 15 Jul 2023 16:32:11 +0000 with message-id <e1qkibn-0053ae...@fasolo.debian.org> and subject line Bug#1039686: fixed in nvidia-open-gpu-kernel-modules 525.125.06-1~deb12u1 has caused the Debian Bug report #1039686, regarding nvidia-open-gpu-kernel-modules: CVE-2023-25515, CVE-2023-25516 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1039686: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039686 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-25515, CVE-2023-25516 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-25515, CVE-2023-25516 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-25515, CVE-2023-25516 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-25515, CVE-2023-25516 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-25515, CVE-2023-25516 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-25515, CVE-2023-25516 Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2023-25515, CVE-2023-25516 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2023-25515, CVE-2023-25516 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5468 CVE-2023-25515 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. CVE-2023-25516 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. Linux Driver Branch CVE IDs Addressed R535, R525, R470, R450 CVE-2023-25515, CVE-2023-25516 Driver Branch Affected Driver Versions Updated Driver Version R535 All driver versions prior to 535.54.03 535.54.03 R525 All driver versions prior to 525.125.06 525.125.06 R470 All driver versions prior to 470.199.02 470.199.02 R450 All driver versions prior to 450.248.02 450.248.02 Andreas
--- End Message ---
--- Begin Message ---Source: nvidia-open-gpu-kernel-modules Source-Version: 525.125.06-1~deb12u1 Done: Andreas Beckmann <a...@debian.org> We believe that the bug you reported is fixed in the latest version of nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1039...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-open-gpu-kernel-modules package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 14 Jul 2023 12:17:23 +0200 Source: nvidia-open-gpu-kernel-modules Architecture: source Version: 525.125.06-1~deb12u1 Distribution: bookworm Urgency: medium Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Closes: 1039686 Changes: nvidia-open-gpu-kernel-modules (525.125.06-1~deb12u1) bookworm; urgency=medium . * Rebuild for bookworm. . nvidia-open-gpu-kernel-modules (525.125.06-1) unstable; urgency=medium . * New upstream production branch release 525.125.06 (2023-06-26). * Fixed CVE-2023-25515, CVE-2023-25516. (Closes: #1039686) https://nvidia.custhelp.com/app/answers/detail/a_id/5468 . nvidia-open-gpu-kernel-modules (525.116.04-1) unstable; urgency=medium . * New upstream production branch release 525.116.04 (2023-05-09). * New upstream production branch release 525.116.03 (2023-04-25). * Refresh patches. . nvidia-open-gpu-kernel-modules (525.105.17-2) unstable; urgency=medium . * Backport drm_driver_has_dumb_destroy changes from 525.116.03 to fix kernel module build for Linux 6.4. Checksums-Sha1: ffc30e16b2221a67ef068412bce7335d119b17e6 2761 nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1.dsc c0f61e776f615665a43f08750c9ffc8b7f012ee5 19584 nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1.debian.tar.xz acaa8cf0f6196e5c19839812a685881c0f36f6f2 5641 nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1_source.buildinfo Checksums-Sha256: 690da0dff32e9044d7925b8606d889e7297fe4d66b5107ad32668d5d2faf3c8b 2761 nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1.dsc 76f41ea7a8e29cfe8b4afb75fcf9ee51a2b1ba26385743b4ab739523ac36a45e 19584 nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1.debian.tar.xz 4d40fdd5c7f8650df3ea6e36d134919277775ad44305f02bd80b71f829b14512 5641 nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1_source.buildinfo Files: 5e33e8709dbffb0b624f014310a32f6f 2761 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1.dsc dbd47dbc5bfa8b8d10d01f8212ecda30 19584 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1.debian.tar.xz 2651d8da99038479e09f49684e04780f 5641 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmSxISAQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCLYxD/9LXDEiJjTZ0uEMgccJUkCjTnvCqtwOMav8 y0OflSiG0I0IDnGYQL1abutJHIEENknodSP8Z4XPYhzUr0mHOPNkCaZ6vIbfxFvz d8HNq65I8TcyepGTpAJUvUjNNX/EXwPjHzgUdxCJLKWP9R7ChqPu74ulJl2xyy3T UGQ7y2WDEN6iZc1WT0tv9Iv7B2w3AzdS48PZ/nOi+bxf5u8Xn30JDmXR9zU9qq+q r1g+RswlF3VO9Ug0zy+Z+2UEHc3OLuCjBLGDt7iVtRNhU5XFnVBHGsQOCrs3Dlxu atVmJuX1PjKkmWi7xdU6P/j7MIDOlZ07F930SyxLu8nYniQrcEFd4OizU+wjLFSm m+Rva6xZj63MAWmz0Ti0sJ7A+c1yrJVRc5Nvq4VxfozsRYBZ9niSvsN3a+kQd3fb w7IPe7jMkfKZRUfR1jbpZc+lZE9UTGy8WSMyyFAMAyixppWrykPRtmut/KDLRlRc gtAPcH7rma9/CGcTqZPWO5qOx/fKI5RiGKtD7v9L2J0I8nQQc+mIAJq6of345P5k rjzqeFPYtXiIllMzUB9s6f8ELkfC3dDWJQVy6NHsCuR85LFRYvLnAO1cOqXqlqxU RzvDvvjhbBrbnGE8GJG01Iv1FrO6BZuoAfSLFig27KGbeeRXy2rQoOaiMSuDHtYb RJbcR0p6Rg== =+bZx -----END PGP SIGNATURE-----
--- End Message ---
