Your message dated Wed, 12 Jul 2023 08:41:11 +0000
with message-id <[email protected]>
and subject line Bug#1039678: fixed in nvidia-graphics-drivers 525.125.06-1
has caused the Debian Bug report #1039678,
regarding nvidia-graphics-drivers: CVE-2023-25515, CVE-2023-25516
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1039678: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039678
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <[email protected]>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-25515,
CVE-2023-25516
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-25515,
CVE-2023-25516
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-25515,
CVE-2023-25516
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-25515,
CVE-2023-25516
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-25515,
CVE-2023-25516
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-25515,
CVE-2023-25516
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2023-25515,
CVE-2023-25516
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2023-25515,
CVE-2023-25516
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5468
CVE-2023-25515 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where unexpected untrusted data is parsed, which may
lead to code execution, denial of service, escalation of privileges,
data tampering, or information disclosure.
CVE-2023-25516 NVIDIA GPU Display Driver for Linux contains a
vulnerability in the kernel mode layer, where an unprivileged user can
cause an integer overflow, which may lead to information disclosure and
denial of service.
Linux Driver Branch CVE IDs Addressed
R535, R525, R470, R450 CVE-2023-25515, CVE-2023-25516
Driver Branch Affected Driver Versions Updated Driver
Version
R535 All driver versions prior to 535.54.03 535.54.03
R525 All driver versions prior to 525.125.06 525.125.06
R470 All driver versions prior to 470.199.02 470.199.02
R450 All driver versions prior to 450.248.02 450.248.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers
Source-Version: 525.125.06-1
Done: Andreas Beckmann <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated nvidia-graphics-drivers
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 12 Jul 2023 09:52:32 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 525.125.06-1
Distribution: unstable
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Closes: 1039678
Changes:
nvidia-graphics-drivers (525.125.06-1) unstable; urgency=medium
.
* New upstream production branch release 525.125.06 (2023-05-09).
* Fixed CVE-2023-25515, CVE-2023-25516. (Closes: #1039678)
https://nvidia.custhelp.com/app/answers/detail/a_id/5468
- Fixed a bug which prevented running a Wayland compositor in headless
mode on GPUs without display hardware.
.
[ Andreas Beckmann ]
* Update nv-readme.ids.
Checksums-Sha1:
e794079f5b3a215c5fb5377d2732a8c049ef59f8 6948
nvidia-graphics-drivers_525.125.06-1.dsc
6bd76f6a3d04adacc1d6c9c0408f93264fafc740 414306913
nvidia-graphics-drivers_525.125.06.orig-amd64.tar.gz
3541811b27dc2a64e74c999650f59bd550a1c5d3 263013641
nvidia-graphics-drivers_525.125.06.orig-arm64.tar.gz
fe11ccda488609fdc3aed82efb8e1d6d1b4eb56d 139
nvidia-graphics-drivers_525.125.06.orig.tar.gz
cc749e91c28756d0dfd64e1ac7e764e398d0d43c 217092
nvidia-graphics-drivers_525.125.06-1.debian.tar.xz
00742f8e70d4aba7306ce57a0d4b3d826c642163 5739
nvidia-graphics-drivers_525.125.06-1_source.buildinfo
Checksums-Sha256:
265123b4049c01e8742b5435bcfa170a29eed1f24b9381cdcb4b08bc1e6f5454 6948
nvidia-graphics-drivers_525.125.06-1.dsc
f61c9d13b1f558e2f35951ea102f4adf603f6e42b038bafb600f63b1a6e3c139 414306913
nvidia-graphics-drivers_525.125.06.orig-amd64.tar.gz
4c01775a25db03251dabe9aeff1c10a40c57d5b7ab93ffa36d434ea6953afd9b 263013641
nvidia-graphics-drivers_525.125.06.orig-arm64.tar.gz
3b3776d083da99c4d5c54085b85dcd25752c69d533b68f493ab4223a7e583391 139
nvidia-graphics-drivers_525.125.06.orig.tar.gz
7445696f5542e3dec3274a55ae53b02e14db14cb593a9e45582a486a2e4c45e5 217092
nvidia-graphics-drivers_525.125.06-1.debian.tar.xz
058de3846d7125489bd61a3159d006db21a95d836c359317e55b961d4719a327 5739
nvidia-graphics-drivers_525.125.06-1_source.buildinfo
Files:
036712963cb4f4241562f6b7050562d1 6948 non-free/libs optional
nvidia-graphics-drivers_525.125.06-1.dsc
fe5caeecfe84388c17217477d069f397 414306913 non-free/libs optional
nvidia-graphics-drivers_525.125.06.orig-amd64.tar.gz
fcdaf2548a960f25c696a41521c12799 263013641 non-free/libs optional
nvidia-graphics-drivers_525.125.06.orig-arm64.tar.gz
1a031350ae1fa633ef71bb855c669e47 139 non-free/libs optional
nvidia-graphics-drivers_525.125.06.orig.tar.gz
a9cb9dab5d267b7d04d135aa4f8605ca 217092 non-free/libs optional
nvidia-graphics-drivers_525.125.06-1.debian.tar.xz
aef85a41b0c5e780a4902120207a8ae3 5739 non-free/libs optional
nvidia-graphics-drivers_525.125.06-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmSuXQ4QHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCPqBD/4tCI11RuxstisbuRq02dOuttQViR0J4QpJ
LLA0hc6o3o3q8XG5hGZS58RkEzeAhBXtcyaZV0F1KCz+qDwa9/dkuzB39owobclP
zXgG8sgahVFq3GpdwRdedDpbGTvQaNK7ipfY4bVdY56rPXNB2a9SXgRGwVTsSxgs
qxpM+QKJUo/8atoPdN42ksw4hw8Hynqhcenvit5VlapqgHuRm6SpI+6fUj1yjjYy
2lfREYRMBXtekm69j0vLR1Uixc67odObr7wYKutcPvfV/ji36Opomw7NCwXB6UYU
VJqRdUV1fDFf6b2aMmmYLzu4RqXevM8m8IGPheTXo8y2vPC2Kh2cZNXAYDuFoOOp
KgVr88jiINURqiF2v+QhyK1frrccUJnVpEfFHhH5tBsv/Pfc/ArdCm6v4tv2uaC5
iJ1xjSrfN6V3X1aMTHEEmKnNX4z5ily9EV3sKXm9A4Q/5erfE/+j5d9oMS8xWHAP
cNwl9IdyTIaES1w7B7ji6YRXk4xapnX4NHoopTq10tjwDyhP5MqB17ROvP0SjOmB
cboUumf97ADNdtuX93ajgFg7g9I4w6uMpXLnwShdqaqKIBzVYmbNP4kF0eB5A1WB
kTCGe7FY6mNgj8U6orQMNgozQ15VjkZv7fWax0Ddp3yeES3wv6lyGSLTATHuL7lb
T1GOfeW5Fw==
=e1no
-----END PGP SIGNATURE-----
--- End Message ---