On Thu, 2017-02-16 at 11:06 +0000, Luca Boccassi wrote: > On Thu, 16 Feb 2017 11:50:27 +0100 Andreas Beckmann <a...@debian.org> > wrote: > > Source: nvidia-graphics-drivers > > Version: 343.22-1 > > Severity: serious > > Tags: security > > Control: found -1 1.0.4363-1 > > Control: found -1 310.14-1 > > Control: clone -1 -2 -3 > > Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx > > 340.76-6 > > Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2017- > > 0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318 > > Control: reassign -3 src:nvidia-graphics-drivers-legacy-304xx > > 304.108-2 > > Control: retitle -3 nvidia-graphics-drivers-legacy-304xx: CVE-2017- > > 0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318 > > > > http://nvidia.custhelp.com/app/answers/detail/a_id/4398 > > > > CVE-2017-0309 > > > > NVIDIA GPU Display Driver contains a vulnerability in the kernel > > mode > > layer handler where multiple integer overflows may cause improper > > memory > > allocation, which may lead to a denial of service or potential > > escalation of privileges. > > > > CVE-2017-0310 > > > > NVIDIA GPU Display Driver contains a vulnerability in the kernel > > mode > > layer handler where improper access controls allow an unprivileged > > user > > to cause a denial of service. > > > > CVE-2017-0311 > > > > NVIDIA GPU Display Driver contains a vulnerability in the kernel > > mode > > layer handler where improper access control may lead to a denial of > > service or possible escalation of privileges. > > > > CVE-2017-0321 > > > > NVIDIA GPU Display Driver contains a vulnerability in the kernel > > mode > > layer handler where a NULL pointer dereference caused by invalid > > user > > input may lead to a denial of service or potential escalation of > > privileges. > > > > CVE-2017-0318 > > > > NVIDIA Linux GPU Display Driver contains a vulnerability in the > > kernel > > mode layer handler where improper validation of an input parameter > > may > > cause a denial of service on the system. > > > > > > Andreas > > It did look very suspicious that they released all those new versions > all at the same time, and with a one-line changelog for 340.xx and > 304.xx... Now I see why! > > I assume we'll get an exception for Stretch, but I'd still like to > keep > the new patches to support kernel 4.10, do you think that's all > right? > > Work on 304 and 340 is done in the respective branches (haven't ran > 340 > yet, just tested modules builds). I'll finish working on 375 tonight > and > give both a spin. > > Kind regards, > Luca Boccassi
Uploaded patches to trunk for 375. Gave it a quick spin and OpenGL and OpenCL seem to work fine on Gnome 3. Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part