Bug#869836: Info received (Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1)
Hi, Sorry to disturb but as this package contains critical security fixes and because it has already been uploaded to jessie-bpo could you please upload it to stable-updates before the point release ? Issue for jessie-bpo : https://lists.debian.org/debian-backports/2017/09/msg9.html Thanks in advance, On Sun, 13 Aug 2017 18:04:10 +0200 Julien Aubinwrote: > Hi, > > Also tested on a third machine w/ a GeForce GTX 760 and KDE and kernel 4.9 > AMD64 and it works well too. > > Thanks > > 2017-08-13 16:51 GMT+02:00 Debian Bug Tracking System < ow...@bugs.debian.org > >: > > > Thank you for the additional information you have supplied regarding > > this Bug report. > > > > This is an automatically generated reply to let you know your message > > has been received. > > > > Your message is being forwarded to the package maintainers and other > > interested parties for their attention; they will reply in due course. > > > > Your message has been sent to the package maintainer(s): > > Debian Release Team > > > > If you wish to submit further information on this problem, please > > send it to 869...@bugs.debian.org. > > > > Please do not send mail to ow...@bugs.debian.org unless you wish > > to report a problem with the Bug-tracking system. > > > > -- > > 869836: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869836 > > Debian Bug Tracking System > > Contact ow...@bugs.debian.org with problems > >
Bug#869836: Info received (Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1)
Hi, Also tested on a third machine w/ a GeForce GTX 760 and KDE and kernel 4.9 AMD64 and it works well too. Thanks 2017-08-13 16:51 GMT+02:00 Debian Bug Tracking System: > Thank you for the additional information you have supplied regarding > this Bug report. > > This is an automatically generated reply to let you know your message > has been received. > > Your message is being forwarded to the package maintainers and other > interested parties for their attention; they will reply in due course. > > Your message has been sent to the package maintainer(s): > Debian Release Team > > If you wish to submit further information on this problem, please > send it to 869...@bugs.debian.org. > > Please do not send mail to ow...@bugs.debian.org unless you wish > to report a problem with the Bug-tracking system. > > -- > 869836: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869836 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems >
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
On Sat, 12 Aug 2017 12:41:20 -0400 "Adam D. Barratt" < a...@adam-barratt.org.uk> wrote: > Control: tags -1 + pending > > On Wed, 2017-08-09 at 17:17 +0200, Andreas Beckmann wrote: > > On Tue, 08 Aug 2017 16:12:47 -0400 "Adam D. Barratt" > >wrote: > > > Please go ahead, and we'll hope it looks sane after that. :-p > > > > Uploaded, with the attached diff (from svn, excluding the blobs). > > Flagged for acceptance. > > Regards, > > Adam > > > Hi Adam, Just to confirm the fix does work fine for me, no regression seen. Hardware used : Intel Core i7 4790 32 GB RAM NVidia GeForce GTX 1070 Debian Stretch AMD64 w/ 4.9 kernel (i.e. not bpo) Environment : KDE Games tested : Civilization VI (benchmark only) Shadow of Mordor (benchmark only) Sudden Strike 4 Wargame Red Dragon Also tested on a GeForce GTX 970 (just boot test) w/o issue.
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Control: tags -1 + pending On Wed, 2017-08-09 at 17:17 +0200, Andreas Beckmann wrote: > On Tue, 08 Aug 2017 16:12:47 -0400 "Adam D. Barratt" >wrote: > > Please go ahead, and we'll hope it looks sane after that. :-p > > Uploaded, with the attached diff (from svn, excluding the blobs). Flagged for acceptance. Regards, Adam
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
On Tue, 08 Aug 2017 16:12:47 -0400 "Adam D. Barratt"wrote: > Please go ahead, and we'll hope it looks sane after that. :-p Uploaded, with the attached diff (from svn, excluding the blobs). Unfortunately I messed up while syncing the packaging between the driver series (should only have brought the lintian overrides in sync) and the stretch upload includes an unused patch from legacy 340xx driver. 375.82 builds for Linux 4.12 out-of-the-box. Please ignore debian/module/debian/patches/set-memory.patch (it's not used in series.in). Sorry for that. I only recognized it after uploading to jessie-backports as well ... Andreas ngd_375.66-2~deb9u1_375.82-1~deb9u1.diff.gz Description: application/gzip
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Control: tags -1 + confirmed On Sun, 2017-07-30 at 23:58 +0100, Luca Boccassi wrote: > On Sun, 2017-07-30 at 23:44 +0100, Adam D. Barratt wrote: > > On Sun, 2017-07-30 at 23:23 +0100, Luca Boccassi wrote: > > > To further clarify, the debdiff I attached originally is the one > > > from > > > the source I built and tested on Stretch. > > > > That's rather confusing, given that it had the changelog set to > > "unstable"... [...] > It was confusing, sorry about that. > > It was a local build from SVN on my Stretch machine to test it, so I > hadn't updated the changelog with the stable entry yet. Please go ahead, and we'll hope it looks sane after that. :-p Regards, Adam
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
On Sun, 2017-07-30 at 23:44 +0100, Adam D. Barratt wrote: > On Sun, 2017-07-30 at 23:23 +0100, Luca Boccassi wrote: > > On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote: > > > Control: tags -1 - moreinfo > > > > > > On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote: > > > > Control: tags -1 + moreinfo > > > > > > > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote: > > > > > The non-free proprietary nvidia-graphics-drivers version > > > > > 375.66 > > > > > in > > > > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. > > > > > Debian > > > > > bug: > > > > > > > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783 > > > > > > > > > > Please consider allowing the new upstream version 375.82, > > > > > which > > > > > fixes > > > > > these CVEs, in proposed-updates. As usual with these > > > > > proprietary > > > > > drivers, we cannot just cherry-pick the fixes for the CVEs as > > > > > they > > > > > are > > > > > in the binary blobs. > > > > > > > > > > I have tested this new version on a Stretch amd64 desktop and > > > > > didn't > > > > > encounter any issue. > > > > > > > > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached. > > > > > > > > While I'm sure it's probably fine, could we have a diff of the > > > > proposed > > > > 375.82-1~deb9u1, as built and tested on stretch, please? > > [...] > > > There were no changes when I opened the bug apart from the new > > > changelog entry. > > > > > > Andreas has since committed 2 small fixes to the changelog as > > > well, > > > inlined, just minor clarifications. I still find the way upstream > > > compiles their changelog quite confusing and often make mistakes > > > when > > > copying over :-) > > > > > > Kind regards, > > > Luca Boccassi > > > > To further clarify, the debdiff I attached originally is the one > > from > > the source I built and tested on Stretch. > > That's rather confusing, given that it had the changelog set to > "unstable"... > > Regards, > > Adam It was confusing, sorry about that. It was a local build from SVN on my Stretch machine to test it, so I hadn't updated the changelog with the stable entry yet. Kind regards, Luca Boccassi signature.asc Description: This is a digitally signed message part
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
On Sun, 2017-07-30 at 23:23 +0100, Luca Boccassi wrote: > On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote: > > Control: tags -1 - moreinfo > > > > On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote: > > > Control: tags -1 + moreinfo > > > > > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote: > > > > The non-free proprietary nvidia-graphics-drivers version 375.66 > > > > in > > > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian > > > > bug: > > > > > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783 > > > > > > > > Please consider allowing the new upstream version 375.82, which > > > > fixes > > > > these CVEs, in proposed-updates. As usual with these proprietary > > > > drivers, we cannot just cherry-pick the fixes for the CVEs as > > > > they > > > > are > > > > in the binary blobs. > > > > > > > > I have tested this new version on a Stretch amd64 desktop and > > > > didn't > > > > encounter any issue. > > > > > > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached. > > > > > > While I'm sure it's probably fine, could we have a diff of the > > > proposed > > > 375.82-1~deb9u1, as built and tested on stretch, please? [...] > > There were no changes when I opened the bug apart from the new > > changelog entry. > > > > Andreas has since committed 2 small fixes to the changelog as well, > > inlined, just minor clarifications. I still find the way upstream > > compiles their changelog quite confusing and often make mistakes when > > copying over :-) > > > > Kind regards, > > Luca Boccassi > > To further clarify, the debdiff I attached originally is the one from > the source I built and tested on Stretch. That's rather confusing, given that it had the changelog set to "unstable"... Regards, Adam
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote: > Control: tags -1 - moreinfo > > On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote: > > Control: tags -1 + moreinfo > > > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote: > > > The non-free proprietary nvidia-graphics-drivers version 375.66 > > > in > > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian > > > bug: > > > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783 > > > > > > Please consider allowing the new upstream version 375.82, which > > > fixes > > > these CVEs, in proposed-updates. As usual with these proprietary > > > drivers, we cannot just cherry-pick the fixes for the CVEs as > > > they > > > are > > > in the binary blobs. > > > > > > I have tested this new version on a Stretch amd64 desktop and > > > didn't > > > encounter any issue. > > > > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached. > > > > While I'm sure it's probably fine, could we have a diff of the > > proposed > > 375.82-1~deb9u1, as built and tested on stretch, please? > > > > Regards, > > > > Adam > > Hi Adam, > > There were no changes when I opened the bug apart from the new > changelog entry. > > Andreas has since committed 2 small fixes to the changelog as well, > inlined, just minor clarifications. I still find the way upstream > compiles their changelog quite confusing and often make mistakes when > copying over :-) > > Kind regards, > Luca Boccassi To further clarify, the debdiff I attached originally is the one from the source I built and tested on Stretch. Kind regards, Luca Boccassi signature.asc Description: This is a digitally signed message part
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Control: tags -1 - moreinfo On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote: > > The non-free proprietary nvidia-graphics-drivers version 375.66 in > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian bug: > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783 > > > > Please consider allowing the new upstream version 375.82, which > > fixes > > these CVEs, in proposed-updates. As usual with these proprietary > > drivers, we cannot just cherry-pick the fixes for the CVEs as they > > are > > in the binary blobs. > > > > I have tested this new version on a Stretch amd64 desktop and > > didn't > > encounter any issue. > > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached. > > While I'm sure it's probably fine, could we have a diff of the > proposed > 375.82-1~deb9u1, as built and tested on stretch, please? > > Regards, > > Adam Hi Adam, There were no changes when I opened the bug apart from the new changelog entry. Andreas has since committed 2 small fixes to the changelog as well, inlined, just minor clarifications. I still find the way upstream compiles their changelog quite confusing and often make mistakes when copying over :-) Kind regards, Luca Boccassi @@ -1,14 +1,18 @@ +nvidia-graphics-drivers (375.82-1~deb9u1) stretch; urgency=medium + + * Rebuild for stretch. + + -- Luca BoccassiSun, 30 Jul 2017 23:09:12 +0100 + nvidia-graphics-drivers (375.82-1) unstable; urgency=high * New upstream long lived branch release 375.82 (2017-07-24). * Fixed CVE-2017-6257, CVE-2017-6259. (Closes: #869783) -- Fix a bug with GLX_EXT_buffer_age where incorrect buffer age values would - be reported for SLI AFR configurations. In such configurations buffer age - may now be greater than 3, the previous maximum buffer age. +- Fix a bug with GLX_EXT_buffer_age where incorrect buffer age values + would be reported for SLI AFR configurations. In such configurations + buffer age may now be greater than 3, the previous maximum buffer age. - Fixed a bug that could cause hanging and Xids when performing RandR transforms with Overlay and SLI enabled. -- Improved handling of framebuffer console restore on systems booted in - UEFI mode. - Extended the information reported by the NVIDIA Xinerama X extension to report PRIME displays in addition to directly-connected displays. - Fixed a bug that caused HDMI audio devices to appear or disappear @@ -15,17 +19,13 @@ inconsistently when HDMI devices were hotplugged or unplugged. - Fixed a bug that could cause driver errors when setting modes on X screens running at Depth 8 or Depth 15. +- Added support for the following GPUs: GeForce GTX 1080 with Max-Q + Design, GeForce GTX 1070 with Max-Q Design, + GeForce GTX 1060 with Max-Q Design. - Fixed a bug that could cause intermittent kernel panics when running with PRIME Sync. -- Fixed a bug that caused a kernel panic when hotplugging HDMI displays on - some Zotac mini PCs. -- Updated nvidia-installer to label kernel modules with SELinux file type - 'modules_object_t'. Some system SELinux policies only permit loading of - kernel modules with this SELinux file type. -- Removed support for checking for and downloading updated driver packages - and precompiled kernel interfaces from nvidia-installer. This - functionality was limited to unencrypted ftp and http, and was - implemented using code that is no longer actively maintained. +- Fixed a bug that caused a kernel panic when hotplugging HDMI displays + on some Zotac mini PCs. [ Andreas Beckmann ] * nvidia-kernel-dkms: Honor parallel setting from dkms. (Closes: #864639) @@ -33,7 +33,7 @@ * Switch watch URL from ftp:// to https://. (Closes: #868815) [ Luca Boccassi ] - * Add support for buster/sid in nvidia-detect. (Closes: #866126) + * Add support for buster in nvidia-detect. (Closes: #866126) * Update symbols files. -- Luca Boccassi Wed, 26 Jul 2017 21:42:00 +0100 signature.asc Description: This is a digitally signed message part
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Control: tags -1 + moreinfo On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote: > The non-free proprietary nvidia-graphics-drivers version 375.66 in > Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian bug: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783 > > Please consider allowing the new upstream version 375.82, which fixes > these CVEs, in proposed-updates. As usual with these proprietary > drivers, we cannot just cherry-pick the fixes for the CVEs as they are > in the binary blobs. > > I have tested this new version on a Stretch amd64 desktop and didn't > encounter any issue. > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached. While I'm sure it's probably fine, could we have a diff of the proposed 375.82-1~deb9u1, as built and tested on stretch, please? Regards, Adam
Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Dear Release Team, The non-free proprietary nvidia-graphics-drivers version 375.66 in Stretch is affected by CVE-2017-6257 and CVE-2017-6259. Debian bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783 Please consider allowing the new upstream version 375.82, which fixes these CVEs, in proposed-updates. As usual with these proprietary drivers, we cannot just cherry-pick the fixes for the CVEs as they are in the binary blobs. I have tested this new version on a Stretch amd64 desktop and didn't encounter any issue. The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached. Apart from the new upstream version, the other bug fixes are: - update binary library blobs symbols files reflecting upstream changes - allow parallel dkms builds if requested (#864639) by a user - re-allow dkms ccache usage if enabled by a user - switch watch files protocol to https, as upstream deprecated ftp (#868815) - mark the dkms modules as build-tested up to kernel 4.11 - add support for buster in the nvidia-detect script (#866126), that helps the users choose the correct drivers that support their hardware Kind regards, Luca Boccassidiff -Nru --exclude '*.run' nvidia-graphics-drivers-375.66/debian/bug-control.mk nvidia-graphics-drivers-375.82/debian/bug-control.mk --- nvidia-graphics-drivers-375.66/debian/bug-control.mk 2017-02-23 15:37:37.0 + +++ nvidia-graphics-drivers-375.82/debian/bug-control.mk 2017-07-26 20:22:43.0 +0100 @@ -46,6 +46,7 @@ libdrm-nouveau2 xserver-xorg-video-nouveau make + ccache libopencl1 opencl-icd libvulkan1 diff -Nru --exclude '*.run' nvidia-graphics-drivers-375.66/debian/changelog nvidia-graphics-drivers-375.82/debian/changelog --- nvidia-graphics-drivers-375.66/debian/changelog 2017-07-16 13:35:22.0 +0100 +++ nvidia-graphics-drivers-375.82/debian/changelog 2017-07-26 21:42:00.0 +0100 @@ -1,3 +1,43 @@ +nvidia-graphics-drivers (375.82-1) unstable; urgency=high + + * New upstream long lived branch release 375.82 (2017-07-24). +* Fixed CVE-2017-6257, CVE-2017-6259. (Closes: #869783) +- Fix a bug with GLX_EXT_buffer_age where incorrect buffer age values would + be reported for SLI AFR configurations. In such configurations buffer age + may now be greater than 3, the previous maximum buffer age. +- Fixed a bug that could cause hanging and Xids when performing RandR + transforms with Overlay and SLI enabled. +- Improved handling of framebuffer console restore on systems booted in + UEFI mode. +- Extended the information reported by the NVIDIA Xinerama X extension to + report PRIME displays in addition to directly-connected displays. +- Fixed a bug that caused HDMI audio devices to appear or disappear + inconsistently when HDMI devices were hotplugged or unplugged. +- Fixed a bug that could cause driver errors when setting modes on X + screens running at Depth 8 or Depth 15. +- Fixed a bug that could cause intermittent kernel panics when running with + PRIME Sync. +- Fixed a bug that caused a kernel panic when hotplugging HDMI displays on + some Zotac mini PCs. +- Updated nvidia-installer to label kernel modules with SELinux file type + 'modules_object_t'. Some system SELinux policies only permit loading of + kernel modules with this SELinux file type. +- Removed support for checking for and downloading updated driver packages + and precompiled kernel interfaces from nvidia-installer. This + functionality was limited to unencrypted ftp and http, and was + implemented using code that is no longer actively maintained. + + [ Andreas Beckmann ] + * nvidia-kernel-dkms: Honor parallel setting from dkms. (Closes: #864639) + * Do not prevent ccache usage. The bug was fixed in ccache 3.0 (in squeeze). + * Switch watch URL from ftp:// to https://. (Closes: #868815) + + [ Luca Boccassi ] + * Add support for buster/sid in nvidia-detect. (Closes: #866126) + * Update symbols files. + + -- Luca BoccassiWed, 26 Jul 2017 21:42:00 +0100 + nvidia-graphics-drivers (375.66-2~deb9u1) stretch; urgency=medium * Rebuild for stretch. diff -Nru --exclude '*.run' nvidia-graphics-drivers-375.66/debian/detect/nvidia-detect.in nvidia-graphics-drivers-375.82/debian/detect/nvidia-detect.in --- nvidia-graphics-drivers-375.66/debian/detect/nvidia-detect.in 2017-07-16 13:35:22.0 +0100 +++ nvidia-graphics-drivers-375.82/debian/detect/nvidia-detect.in 2017-07-26 20:22:43.0 +0100 @@ -139,7 +139,7 @@ else echo "Oops. Internal error 8 ($NVGA)" fi - elif grep -q "stretch\|^9\|buster\|^10" /etc/debian_version + elif grep -q "stretch\|^9" /etc/debian_version then if [[ -n ${VERSIONS[999]} ]]; then if [[ -n ${VERSIONS[340]} ]]; then @@ -167,6 +167,34 @@ else echo "Oops.