Your message dated Mon, 08 Aug 2022 13:36:55 +0000 with message-id <e1ol2wb-008dzf...@fasolo.debian.org> and subject line Bug#1016614: fixed in nvidia-graphics-drivers 470.141.03-1 has caused the Debian Bug report #1016614, regarding nvidia-graphics-drivers: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016614: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016614 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nvidia-graphics-drivers Severity: serious Tags: security upstream Control: clone -1 -2 -3 -4 -5 -6 -7 -8 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1 Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5383 CVE-2022-31607 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where a local user with basic capabilities can cause improper input validation, which may lead to denial of service, escalation of privileges, data tampering, and limited information disclosure. CVE-2022-31608 NVIDIA GPU Display Driver for Linux contains a vulnerability in an optional D-Bus configuration file, where a local user with basic capabilities can impact protected D-Bus endpoints, which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVE-2022-31615 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where a local user with basic capabilities can cause a null-pointer dereference, which may lead to denial of service. Linux Driver Branch CVE IDs Addressed R515, R510, R470, R450, R390 CVE-2022-31607, CVE-2022-31608, CVE-2022-31615 Andreas
--- End Message ---
--- Begin Message ---Source: nvidia-graphics-drivers Source-Version: 470.141.03-1 Done: Andreas Beckmann <a...@debian.org> We believe that the bug you reported is fixed in the latest version of nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1016...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 08 Aug 2022 14:52:56 +0200 Source: nvidia-graphics-drivers Architecture: source Version: 470.141.03-1 Distribution: unstable Urgency: medium Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Closes: 1016614 1016736 Changes: nvidia-graphics-drivers (470.141.03-1) unstable; urgency=medium . * New upstream production branch release 470.141.03 (2022-08-02). * Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016614) https://nvidia.custhelp.com/app/answers/detail/a_id/5383 - Added support for the following GPU: GeForce RTX 3050 OEM. * Improved compatibility with recent Linux kernels. (Closes: #1016736) . [ Andreas Beckmann ] * Replace obsolete pci_*() functions with their dma_*() counterparts in ppc64el specific code paths to fix kernel module build for ppc64el. * Refresh patches. * Update nv-readme.ids. * More generic handling of architectures with gsp firmware. * Drop references to kernel-package and make-kpkg, gone since stretch. * Overhaul build-module-packages.sh. * Add module-assistant based autopkgtest for the *-source package. * Simplify changelog management for the *-source package. * Copy the Source stanza from d/control to the module control file. Checksums-Sha1: 3cf22f7a41880087939adc82646a86ef15630aad 7056 nvidia-graphics-drivers_470.141.03-1.dsc 656e2d01de1beed3d22ff87807d150fef04a7496 272970754 nvidia-graphics-drivers_470.141.03.orig-amd64.tar.gz abd7d9b589df614109ecf00386c236b157634a35 184399040 nvidia-graphics-drivers_470.141.03.orig-arm64.tar.gz 4f18c8d1ac4778f17064e8408a2760d6f8172d39 140 nvidia-graphics-drivers_470.141.03.orig.tar.gz be6fbb24fdb0bd0284e974f57208973b0bf9d7fa 209656 nvidia-graphics-drivers_470.141.03-1.debian.tar.xz 9e42975b5718f0a86fbaece3a8834679732322f2 7586 nvidia-graphics-drivers_470.141.03-1_source.buildinfo Checksums-Sha256: bbc4e97309b94a68cfe469aa6aac829507f9e075753d5009dd3e70b21c4b17de 7056 nvidia-graphics-drivers_470.141.03-1.dsc c59808154faec1c9f87d0bd0b97761807027b51df7fd27c9b3a4073b0d3b3f4c 272970754 nvidia-graphics-drivers_470.141.03.orig-amd64.tar.gz 0af3d0d34b6933dcf9f53aa81a3157bce139702e535331d5984f831b94696525 184399040 nvidia-graphics-drivers_470.141.03.orig-arm64.tar.gz 8701466110c31ff6dd5ac47046cedf4e8ab449c9c9dab0a2a3c219f55c06fc0e 140 nvidia-graphics-drivers_470.141.03.orig.tar.gz c0fd361b29a52e218c075612abb851d84a5179b3a394443b116bfca3fcb0badd 209656 nvidia-graphics-drivers_470.141.03-1.debian.tar.xz 72a7adcb07316084053bec0096d0e5551ff3e0d70220aa6849ebfef76a0d69a4 7586 nvidia-graphics-drivers_470.141.03-1_source.buildinfo Files: 8653a54b2e9d92934465b2807d6d7320 7056 non-free/libs optional nvidia-graphics-drivers_470.141.03-1.dsc f73041c488d0ca2880e34ecd71e0889b 272970754 non-free/libs optional nvidia-graphics-drivers_470.141.03.orig-amd64.tar.gz bf7d0957a0c183c2bffad867bf65430d 184399040 non-free/libs optional nvidia-graphics-drivers_470.141.03.orig-arm64.tar.gz 670a7c645247a04b4fd9a07c1d2be0d0 140 non-free/libs optional nvidia-graphics-drivers_470.141.03.orig.tar.gz 38b2c7f9a9885e4a43c78607b638e0c9 209656 non-free/libs optional nvidia-graphics-drivers_470.141.03-1.debian.tar.xz 82c70f947b72f8c0b60f01ffcd04ab25 7586 non-free/libs optional nvidia-graphics-drivers_470.141.03-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmLxCFQQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCBlREACqdT4fNT7CDaBTCUec2qQV5uEp9ltqq1zP bh4sR/i2UGOhztA2bBm4ra5au651ge/b+yk/2bHKFQzjD2NDe5ajbNFkFOxg9t2S zZ+ycpXjK92DgJwKa2N1Nz6P1gVO3nUj6Aig8JUrr4AWwRyNUq0P5WRe5YiOtM4K PYtdLpHL/CZ0Jzkp0vdijNteAAXdYkScmfV6X5Gs71DUz1bCM/YDihRty1KKk4dj qyVhehu+RvGZfmYLlUJzlEOjiw5mohn9OqOSdhDtk4kWig7koOohRhWYgbxiV2V3 x5+MItvESF2NsexO0XY56iUWPMeqOyYppcKEKY1TJrzpFbnRFyZmmt4aLtqmKVEu m8JdJ9NZANFRgjLEzb9D4tERnTC0jnOfwIDJ3zXMIeGWB7KE3dUObp5BNv0LUI9l ltBguyccD+vHbrZQIH6CHN6yeFs7hJVB4bpeqDDRLBj5RIoCnVSQKtV91DJBljku n8yvX8i7KTAqK9rR5oob/kfzaZljuG20qB1b+d7fKLjm8jLn2lEze/4ci7LaM6GW 7idc5TaDIB3JUU+eOQK5KEG5yTlJut7cf0Gv8uuTqbQtb9TDxro0OJLc1PQbGChC 2jUf7p0KR+qHj1CsUJS3lrYY1wzFiDbE8rCQUW8KjmYGNiD36fYb7zKpkMZ7PWoG rl601JgBBg== =bsn9 -----END PGP SIGNATURE-----
--- End Message ---
