Your message dated Mon, 29 Aug 2022 08:32:29 +0000
with message-id <e1osac5-002sfj...@fasolo.debian.org>
and subject line Bug#1016616: fixed in nvidia-graphics-drivers-legacy-390xx
390.154-1~deb10u1
has caused the Debian Bug report #1016616,
regarding nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607, CVE-2022-31608,
CVE-2022-31615
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1016616: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016616
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
Control: clone -1 -2 -3 -4 -5 -6 -7 -8
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: reassign -8 src:nvidia-graphics-drivers-tesla-510 510.47.03-1
Control: retitle -8 nvidia-graphics-drivers-tesla-510: CVE-2022-31607,
CVE-2022-31608, CVE-2022-31615
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5383
CVE-2022-31607 NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer (nvidia.ko), where a local user
with basic capabilities can cause improper input validation, which may
lead to denial of service, escalation of privileges, data tampering, and
limited information disclosure.
CVE-2022-31608 NVIDIA GPU Display Driver for Linux contains a
vulnerability in an optional D-Bus configuration file, where a local
user with basic capabilities can impact protected D-Bus endpoints, which
may lead to code execution, denial of service, escalation of privileges,
information disclosure, and data tampering.
CVE-2022-31615 NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where a local user with basic
capabilities can cause a null-pointer dereference, which may lead to
denial of service.
Linux Driver Branch CVE IDs Addressed
R515, R510, R470, R450, R390 CVE-2022-31607, CVE-2022-31608, CVE-2022-31615
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers-legacy-390xx
Source-Version: 390.154-1~deb10u1
Done: Andreas Beckmann <a...@debian.org>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-legacy-390xx, which is due to be installed in the
Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1016...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated
nvidia-graphics-drivers-legacy-390xx package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 29 Aug 2022 02:51:31 +0200
Source: nvidia-graphics-drivers-legacy-390xx
Architecture: source
Version: 390.154-1~deb10u1
Distribution: buster
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1012618 1012700 1016616
Changes:
nvidia-graphics-drivers-legacy-390xx (390.154-1~deb10u1) buster; urgency=medium
.
* Rebuild for buster.
.
nvidia-graphics-drivers-legacy-390xx (390.154-1) unstable; urgency=medium
.
* New upstream legacy branch release 390.154 (2022-08-02).
* Fixed CVE-2022-31607, CVE-2022-31608, CVE-2022-31615. (Closes: #1016616)
https://nvidia.custhelp.com/app/answers/detail/a_id/5383
* Improved compatibility with recent Linux kernels.
.
[ Andreas Beckmann ]
* Refresh patches.
* Minor packaging sync and cleanup (470.129.06-6).
* Drop references to kernel-package and make-kpkg, gone since stretch
(470.141.03-1).
* Overhaul build-module-packages.sh (470.141.03-1).
* Add module-assistant based autopkgtest for the *-source package
(470.141.03-1).
* Simplify changelog management for the *-source package (470.141.03-1).
* Copy the Source stanza from d/control to the module control file
(470.141.03-1).
* Update lintian overrides.
.
nvidia-graphics-drivers-legacy-390xx (390.151-2) unstable; urgency=medium
.
* Backport pci/dma changes from 470.129.06 to fix kernel module build for
Linux 5.18. (Closes: #1012700, #1012618)
* Update lintian overrides.
Checksums-Sha1:
112f34b755c26ec2df97ddc9ca74f559bc5d9a46 8022
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1.dsc
e8d5793ce7bcbd1ef4658b7be25357d17cdcb533 178268
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1.debian.tar.xz
1e82ecf7472d815261774d1afbd2f4ed9e70ebec 8158
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1_source.buildinfo
Checksums-Sha256:
844204d20d16b796022afcad70c9dadec3e46bad9dec94157d0a230973288971 8022
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1.dsc
15641a5cc346bb4c7b253c73350d2552b184340405e14213bc92de4c42bae2ef 178268
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1.debian.tar.xz
5bb333e6d1168a3e4f2692efc5c1a2c6212d84b8afc9f7f7afc635c27d450ab8 8158
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1_source.buildinfo
Files:
32bd745b9a1cfc7a9761eb06bf02ec6c 8022 non-free/libs optional
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1.dsc
23a8705bafbf3700a664fca342b7e2b5 178268 non-free/libs optional
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1.debian.tar.xz
85cc8c2f9d7e81510d8c6c87cd76dfad 8158 non-free/libs optional
nvidia-graphics-drivers-legacy-390xx_390.154-1~deb10u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmMMDiUQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCEAcEACMOIAZGsQHtNFlhnr2GpnDbdffLWnidnmY
VKPhNf49vUwmYE6TqAFMnrLjc8lzO0qcX9jWLFUz1AQSRPXCQo4ucaWbYH5fjWYy
ghjgPw5tMaWRU9X3V0OTcLEsSM/7NMC2N4SJ88rD27JCui25RcxBXWimz1mN84j/
IYDdNQ/m2U1VSpZ6/dzNHBb6bomHr3xe9pkCmM/FUuextDDsKDj7rkp8gS3KtUIa
I6uy+/ngnIfM/cWrXdOi6iMxEtvS6EDhvXkFGD8QshUuYt9ZwwuNODRgJWLehKqW
M3xvSqiMuJ586Fa80C/BJH7HCA3NLNqK6NrDexARZkD2zLZKZCxF253KawLxtBOa
QFWJx2inKgZaCwlu/+zYHFqo6yqTJJ9lM250LYn0DgcZSRXxl+5nxmxuIiq4xxR0
wVjsK/uEi5yfp1prkGFpkTSv168rrh0ptSFXW1XAZ1EF5Fb0augYYeJlY/LtuIK+
G3O6L2KBWMNfG1UlFJijhirLDiETDgQrpFDLvtFCXLKnpzfmu2zWQ3HC68yuBmyi
gC9ZLGE9p+sgGWapiefuZ+jjz0AksatvmdQ2GMsH5ZGHnNegs8ujF3V2DsctAtnl
P+tiaeRX1eE/HlRGOzVYliuin4v9JXPNWCN2imdLPgNRW6C5RV9VTXp4M1/hruts
nrF4hrMJcw==
=W6LT
-----END PGP SIGNATURE-----
pgpboZx4QdGWL.pgp
Description: PGP signature
--- End Message ---
