Bug#855277: marked as done (nvidia-graphics-drivers: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318)

Thu, 23 Feb 2017 07:52:05 -0800 

Your message dated Thu, 23 Feb 2017 15:49:14 +0000
with message-id <e1cgvdq-000dsr...@fasolo.debian.org>
and subject line Bug#855277: fixed in nvidia-graphics-drivers 375.39-1
has caused the Debian Bug report #855277,
regarding nvidia-graphics-drivers: CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, 
CVE-2017-0321, CVE-2017-0318
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
855277: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855277
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Source: nvidia-graphics-drivers
Version: 343.22-1
Severity: serious
Tags: security
Control: found -1 1.0.4363-1
Control: found -1 310.14-1
Control: clone -1 -2 -3
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2017-0309, 
CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
Control: reassign -3 src:nvidia-graphics-drivers-legacy-304xx 304.108-2
Control: retitle -3 nvidia-graphics-drivers-legacy-304xx: CVE-2017-0309, 
CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318

http://nvidia.custhelp.com/app/answers/detail/a_id/4398

CVE-2017-0309

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where multiple integer overflows may cause improper memory
allocation, which may lead to a denial of service or potential
escalation of privileges.

CVE-2017-0310

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where improper access controls allow an unprivileged user
to cause a denial of service.

CVE-2017-0311

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where improper access control may lead to a denial of
service or possible escalation of privileges.

CVE-2017-0321

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where a NULL pointer dereference caused by invalid user
input may lead to a denial of service or potential escalation of
privileges.

CVE-2017-0318

NVIDIA Linux GPU Display Driver contains a vulnerability in the kernel
mode layer handler where improper validation of an input parameter may
cause a denial of service on the system.


Andreas

--- End Message ---
--- Begin Message --- 
Source: nvidia-graphics-drivers
Source-Version: 375.39-1

We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 855...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 23 Feb 2017 16:36:38 +0100
Source: nvidia-graphics-drivers
Binary: nvidia-driver nvidia-driver-bin nvidia-driver-libs 
nvidia-driver-libs-i386 xserver-xorg-video-nvidia nvidia-legacy-check 
libgldispatch0-nvidia libopengl0-glvnd-nvidia libglx0-glvnd-nvidia 
libglx-nvidia0 libgl1-glvnd-nvidia-glx libgl1-nvidia-glvnd-glx 
libgl1-nvidia-glx libnvidia-glcore libegl1-glvnd-nvidia libegl1-nvidia 
libegl-nvidia0 libgles1-glvnd-nvidia libgles1-nvidia libgles-nvidia1 
libgles2-glvnd-nvidia libgles2-nvidia libgles-nvidia2 libnvidia-eglcore 
libnvidia-egl-wayland nvidia-egl-common nvidia-egl-icd nvidia-vulkan-common 
nvidia-vulkan-icd libnvidia-cfg1 nvidia-alternative nvidia-kernel-support 
nvidia-kernel-dkms nvidia-kernel-source nvidia-vdpau-driver nvidia-smi 
nvidia-cuda-mps libcuda1 libcuda1-i386 libnvidia-compiler 
libnvidia-fatbinaryloader libnvidia-ptxjitcompiler libnvcuvid1 
libnvidia-encode1 libnvidia-ifr1 libnvidia-fbc1 libnvidia-ml1 
nvidia-opencl-common nvidia-opencl-icd nvidia-libopencl1 nvidia-detect
Architecture: source
Version: 375.39-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Description:
 libcuda1   - NVIDIA CUDA Driver Library${nvidia:LegacyDesc}
 libcuda1-i386 - NVIDIA CUDA 32-bit runtime library${nvidia:LegacyDesc}
 libegl-nvidia0 - NVIDIA binary EGL library${nvidia:LegacyDesc}
 libegl1-glvnd-nvidia - Vendor neutral GL dispatch library -- libEGL
 libegl1-nvidia - NVIDIA binary EGL library (non-GLVND 
variant)${nvidia:LegacyDesc}
 libgl1-glvnd-nvidia-glx - Vendor neutral GL dispatch library -- libGL
 libgl1-nvidia-glvnd-glx - NVIDIA binary OpenGL/GLX library (GLVND 
variant)${nvidia:LegacyDe
 libgl1-nvidia-glx - NVIDIA binary OpenGL/GLX library (non-GLVND 
variant)${nvidia:Lega
 libgldispatch0-nvidia - Vendor neutral GL dispatch library -- libGLdispatch
 libgles-nvidia1 - NVIDIA binary OpenGL|ES 1.x library${nvidia:LegacyDesc}
 libgles-nvidia2 - NVIDIA binary OpenGL|ES 2.x library${nvidia:LegacyDesc}
 libgles1-glvnd-nvidia - NVIDIA binary OpenGL|ES 1.x GLVND stub library
 libgles1-nvidia - NVIDIA binary OpenGL|ES 1.x library 
(transitional)${nvidia:Legacy
 libgles2-glvnd-nvidia - NVIDIA binary OpenGL|ES 2.x GLVND stub library
 libgles2-nvidia - NVIDIA binary OpenGL|ES 2.x library 
(transitional)${nvidia:Legacy
 libglx-nvidia0 - NVIDIA binary GLX library${nvidia:LegacyDesc}
 libglx0-glvnd-nvidia - Vendor neutral GL dispatch library -- libGLX
 libnvcuvid1 - NVIDIA CUDA Video Decoder runtime library${nvidia:LegacyDesc}
 libnvidia-cfg1 - NVIDIA binary OpenGL/GLX configuration 
library${nvidia:LegacyDesc
 libnvidia-compiler - NVIDIA runtime compiler library${nvidia:LegacyDesc}
 libnvidia-egl-wayland - NVIDIA binary EGL wayland libraries${nvidia:LegacyDesc}
 libnvidia-eglcore - NVIDIA binary EGL core libraries${nvidia:LegacyDesc}
 libnvidia-encode1 - NVENC Video Encoding runtime library${nvidia:LegacyDesc}
 libnvidia-fatbinaryloader - NVIDIA FAT binary loader${nvidia:LegacyDesc}
 libnvidia-fbc1 - NVIDIA OpenGL-based Framebuffer Capture runtime 
library${nvidia:L
 libnvidia-glcore - NVIDIA binary OpenGL/GLX core libraries${nvidia:LegacyDesc}
 libnvidia-ifr1 - NVIDIA OpenGL-based Inband Frame Readback runtime 
library${nvidia
 libnvidia-ml1 - NVIDIA Management Library (NVML) runtime 
library${nvidia:LegacyDe
 libnvidia-ptxjitcompiler - NVIDIA PTX JIT Compiler${nvidia:LegacyDesc}
 libopengl0-glvnd-nvidia - Vendor neutral GL dispatch library -- libOpenGL
 nvidia-alternative - allows the selection of NVIDIA as GLX 
provider${nvidia:LegacyDesc
 nvidia-cuda-mps - NVIDIA CUDA Multi Process Service (MPS)
 nvidia-detect - NVIDIA GPU detection utility
 nvidia-driver - NVIDIA metapackage${nvidia:LegacyDesc}
 nvidia-driver-bin - NVIDIA driver support binaries${nvidia:LegacyDesc}
 nvidia-driver-libs - NVIDIA metapackage (OpenGL/GLX/EGL/GLES 
libraries)${nvidia:Legacy
 nvidia-driver-libs-i386 - NVIDIA metapackage (OpenGL/GLX/EGL/GLES 32-bit 
libraries)${nvidia
 nvidia-egl-common - NVIDIA binary EGL driver - common files
 nvidia-egl-icd - NVIDIA EGL installable client driver (ICD)
 nvidia-kernel-dkms - NVIDIA binary kernel module DKMS 
source${nvidia:LegacyDesc}
 nvidia-kernel-source - NVIDIA binary kernel module source${nvidia:LegacyDesc}
 nvidia-kernel-support - NVIDIA binary kernel module support 
files${nvidia:LegacyDesc}
 nvidia-legacy-check - check for NVIDIA GPUs requiring a legacy driver
 nvidia-libopencl1 - NVIDIA OpenCL ICD Loader library
 nvidia-opencl-common - NVIDIA OpenCL driver - common files
 nvidia-opencl-icd - NVIDIA OpenCL installable client driver 
(ICD)${nvidia:LegacyDesc}
 nvidia-smi - NVIDIA System Management Interface${nvidia:LegacyDesc}
 nvidia-vdpau-driver - Video Decode and Presentation API for Unix - NVIDIA 
driver${nvidi
 nvidia-vulkan-common - NVIDIA Vulkan driver - common files
 nvidia-vulkan-icd - NVIDIA Vulkan installable client driver 
(ICD)${nvidia:LegacyDesc}
 xserver-xorg-video-nvidia - NVIDIA binary Xorg driver${nvidia:LegacyDesc}
Closes: 855277 855802
Changes:
 nvidia-graphics-drivers (375.39-1) unstable; urgency=medium
 .
   * New upstream long lived branch release 375.39 (2017-02-14).
     * Fixed CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0318,
       CVE-2017-0321.  (Closes: #855277)
     - Fixed a bug that caused system hangs when resuming from suspend with
       some GPUs.
     - Fixed a regression that could cause corruption when hot-plugging
       displays.
     - Fixed a regression that prevented systems with multiple DisplayPort
       monitors from resuming correctly from suspend.
     - Added support for the following GPU(s): Quadro GP100, Quadro P4000,
       Quadro P2000, Quadro P1000, Quadro P600, Quadro P400, Quadro M1200,
       Quadro M2200.
 .
   [ Luca Boccassi ]
   * Update nv-readme.ids
   * Update symbols files
   * Add deprecated-cpu-events.patch, dma-fence-rename.patch and
     vmf-address.patch to fix kernel module build on Linux 4.10 and newer.
     (Closes: #855802)
 .
   [ Andreas Beckmann ]
   * bug-control: Report information about installed Vulkan ICDs.
   * Restrict watch file to releases from the 375.xx long lived branch.
Checksums-Sha1:
 eef04bb50e0fa2ffa4ec7dffe5593411573f26b3 7746 
nvidia-graphics-drivers_375.39-1.dsc
 ab3aff4e0d53f025b7e0e6242a6d99b8f28f30fc 77226901 
nvidia-graphics-drivers_375.39.orig-amd64.tar.gz
 b5136f7e13caaec832a9c0cea2dacc9a0b6d549a 25310054 
nvidia-graphics-drivers_375.39.orig-armhf.tar.gz
 fec5212b4c2de9907696e07a7e5f2430a59ed0a0 44396785 
nvidia-graphics-drivers_375.39.orig-i386.tar.gz
 3c4d7102f7e4f3b4949fe6e1cd0d2bf6851f2c31 139 
nvidia-graphics-drivers_375.39.orig.tar.gz
 84278b2b6a77d3a01cf9e9dd9a0bb7cdbab97fcd 170060 
nvidia-graphics-drivers_375.39-1.debian.tar.xz
 8e4a331dc4d4a9abe2e508a4c1a1620e2906895f 5533 
nvidia-graphics-drivers_375.39-1_source.buildinfo
Checksums-Sha256:
 0464415244f59ad44e9945fafc9f6d6621adde0ca7ef9679442225941ccd8fb9 7746 
nvidia-graphics-drivers_375.39-1.dsc
 8c01b1a6ae5b57fb48e02b819975430db095c26a7f3dedd17206516c26ac6077 77226901 
nvidia-graphics-drivers_375.39.orig-amd64.tar.gz
 e6c86c2095c01e8a0b15f4dfca802912b082c14685e6f87eefe12284886a9df5 25310054 
nvidia-graphics-drivers_375.39.orig-armhf.tar.gz
 7e38e42abe3817723f9b42bae117e090cf8d3369ecd69a881ecd0263fa1e9a12 44396785 
nvidia-graphics-drivers_375.39.orig-i386.tar.gz
 19ca29249f0edfa320d21e19a039c33eb7e6817da9133d0588ac506139f57d12 139 
nvidia-graphics-drivers_375.39.orig.tar.gz
 3aa1df4e2b6987fceb5f17dea1433b3586c72d67c8b3ae2f290fc990180d46df 170060 
nvidia-graphics-drivers_375.39-1.debian.tar.xz
 34896cc4451c6bc92a595a58561af7f7ad6835c7b1352d1748c465a380ff98d1 5533 
nvidia-graphics-drivers_375.39-1_source.buildinfo
Files:
 25a934cb85b316ee68c2ea928bb03365 7746 non-free/libs optional 
nvidia-graphics-drivers_375.39-1.dsc
 f00ec073dc298629a915ba8eb0efc65d 77226901 non-free/libs optional 
nvidia-graphics-drivers_375.39.orig-amd64.tar.gz
 0d058a6b31ba8140d36f37a8e149aba0 25310054 non-free/libs optional 
nvidia-graphics-drivers_375.39.orig-armhf.tar.gz
 13f4f90b931fee5b3a8b6cfb9ecd8430 44396785 non-free/libs optional 
nvidia-graphics-drivers_375.39.orig-i386.tar.gz
 178b70253c699684d12bc044f3a2eaee 139 non-free/libs optional 
nvidia-graphics-drivers_375.39.orig.tar.gz
 9ebd975d0ae89c812aacfcf9d3051856 170060 non-free/libs optional 
nvidia-graphics-drivers_375.39-1.debian.tar.xz
 b3ecf60c237b62f6efebd72464e4443b 5533 non-free/libs optional 
nvidia-graphics-drivers_375.39-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYrwIoAAoJEF+zP5NZ6e0IeAgQAIGaD2jKky5XnKbe5M3E+Uwr
/aWJf7Bbv614KaafJjleXV6/CyRLCgQqtzuz6/T8lUyz5PiV3oA4zO3LZK9pHs6P
eEgwPKZ7M9VwILC/6Mu6WtsnIGpIMuUzx+Rtuolo02CINmTeQWgLBShvjHWidlZl
lU3Pq1vCJWyU51sxSVaCw+sChmzxyyQ9x8x+6IfAq7raQuwbIiO6QNrYl/ZdKJ7+
7TYD2lYvzwHH0vzB3XuSNhT552XVBKlSZKQvnZY2h693GptDsvlQcraKWZi4NqOG
Ebq6WypXRk2QUXwtP0+MJ/ZE/o9IlGn54oMftJTCkyDTkhvIKCBXQikfG4gW2Dua
3UQ0eGdpLTJMbLPhwmvNfurV2TxhyH3OAO38nnn/m3PZu9WoYLChC/z12yVcOZZd
k4p/3C3qWO6IVLvaOI6pQqhwA9JxVP+JFPSycrDaNgc0+zBhUcX5lBbFaa/yj3Jt
tUedxGUl9hHBVpgEliQKx8AOEmBWUEihlOrU9ZWOaTl3xfkrVkvNp0ZpYPh1m2je
uLZORV8Pca+++kI3lMubSIUSDTi/2xHkHThahgMlGzUOmSKAX19Yn0nLQoX7dmwR
mpc/Y/+7xm+rb0ofnAXSfTYaBAMbeNWRtudCr6y1JNyv8F0DXlmCFKYRWGaEg7bs
w4TmQCL13URJYZm4vn2Z
=kt6x
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to