Your message dated Thu, 13 Jun 2024 21:17:35 +0000
with message-id <e1shrp9-00gjca...@fasolo.debian.org>
and subject line Bug#1072792: fixed in nvidia-graphics-drivers 470.256.02-1
has caused the Debian Bug report #1072792,
regarding nvidia-graphics-drivers: CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1072792: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072792
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Severity: serious
Tags: security upstream
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2024-0090,
CVE-2024-0092
Control: tag -2 + wontfix
Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4
Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2024-0090,
CVE-2024-0092
Control: tag -3 + wontfix
Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1
Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2024-0090,
CVE-2024-0092
Control: tag -4 + wontfix
Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1
Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2024-0090,
CVE-2024-0092
Control: tag -5 + wontfix
Control: close -5 450.248.02-4
Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1
Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2024-0090,
CVE-2024-0092
Control: tag -6 + wontfix
Control: close -6 460.106.00-3
Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1
Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2024-0090,
CVE-2024-0092
Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1
Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2024-0090, CVE-2024-0092
Control: found -8 515.48.07-1
Control: found -8 525.60.13-1
Control: tag -8 + wontfix
Control: close -8 525.147.05-6
Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1
Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2024-0090,
CVE-2024-0091, CVE-2024-0092
Control: found -9 520.56.06-1
Control: found -9 525.85.12-1
Control: found -9 530.30.02-1
Control: found -9 535.43.02-1
Control: found -9 545.23.06-1
Control: found -9 550.40.07-1
Control: found -9 555.42.02-1
Control: found -1 340.24-1
Control: found -1 343.22-1
Control: found -1 396.18-1
Control: found -1 430.14-1
Control: found -1 455.23.04-1
Control: found -1 465.24.02-1
Control: found -1 495.44-1
Control: found -1 515.48.07-1
Control: found -1 520.56.06-1
Control: found -1 525.53-1
Control: found -1 530.30.02-1
Control: found -1 535.43.02-1
Control: found -1 545.23.06-1
Control: found -1 550.40.07-1
Control: found -1 555.42.02-1
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
CVE-2024-0090 NVIDIA GPU driver for Windows and Linux contains a
vulnerability where a user can cause an out-of-bounds write. A
successful exploit of this vulnerability might lead to code execution,
denial of service, escalation of privileges, information disclosure, and
data tampering.
CVE-2024-0091 NVIDIA GPU Display Driver for Windows and Linux contains
a vulnerability where a user can cause an untrusted pointer dereference
by executing a driver API. A successful exploit of this vulnerability
might lead to denial of service, information disclosure, and data
tampering.
CVE-2024-0092 NVIDIA GPU Driver for Windows and Linux contains a
vulnerability where an improper check or improper handling of exception
conditions might lead to denial of service.
Linux Driver Branch CVE IDs Addressed
R555, R550 CVE-2024-0090, CVE-2024-0091, CVE-2024-0092
R535, R470 CVE-2024-0090, CVE-2024-0092
Driver Branch Affected Driver Versions Updated Driver
Version
R555 All driver versions prior to 555.52.04 555.52.04
R550 All driver versions prior to 550.90.07 550.90.07
R535 All driver versions prior to 535.183.01 535.183.01
R470 All driver versions prior to 470.256.02 470.256.02
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers
Source-Version: 470.256.02-1
Done: Andreas Beckmann <a...@debian.org>
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1072...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-graphics-drivers
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 09 Jun 2024 09:55:50 +0200
Source: nvidia-graphics-drivers
Architecture: source
Version: 470.256.02-1
Distribution: bullseye
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org>
Changed-By: Andreas Beckmann <a...@debian.org>
Closes: 1072792
Changes:
nvidia-graphics-drivers (470.256.02-1) bullseye; urgency=medium
.
* New upstream LTS and Tesla branch release 470.256.02 (2024-06-04).
* Fixed CVE-2024-0090, CVE-2024-0092. (Closes: #1072792)
https://nvidia.custhelp.com/app/answers/detail/a_id/5551
- Fixed a bug that could cause the X server to crash when graphics
applications requested single-buffered drawables while certain
features (such as Vulkan sharpening) are enabled.
.
[ Andreas Beckmann ]
* Refresh patches.
* xserver-xorg-video-nvidia: Recommend nvidia-vulkan-icd.
* Move the libnvidia-glvkspirv dependency to libnvidia-(e)glcore.
(Cf. #1064194)
* Bump Standards-Version to 4.7.0. No changes needed.
Checksums-Sha1:
911205997e5d3ddabb9ad15341b51f9e0f1d58fd 7779
nvidia-graphics-drivers_470.256.02-1.dsc
1901e40eddfa4e193ddd9b369642d634bf7e1ef4 272835178
nvidia-graphics-drivers_470.256.02.orig-amd64.tar.gz
d80b4e0a691ab9a58a7ce9c23621d3068d5593ff 184427893
nvidia-graphics-drivers_470.256.02.orig-arm64.tar.gz
e55c8aed8fe8490918ea40c97f0eb5c7f9406974 67630519
nvidia-graphics-drivers_470.256.02.orig-ppc64el.tar.gz
149f4f89e300de4bf17ded49b2375584c87d7d57 140
nvidia-graphics-drivers_470.256.02.orig.tar.gz
51fd76ce1765bebc4d2c9dc81f406a0365091642 212892
nvidia-graphics-drivers_470.256.02-1.debian.tar.xz
a390110b6adc683be4300638092faa8e4f33a22c 8489
nvidia-graphics-drivers_470.256.02-1_source.buildinfo
Checksums-Sha256:
16ac6938fda69a8c4c82a43746692e1c8ada7327ae059f7b6585dd8668ab12a8 7779
nvidia-graphics-drivers_470.256.02-1.dsc
a6879d4e7990409676b260aecf26e06e4a1b3fbc6917558dba59ed3a82d1dc18 272835178
nvidia-graphics-drivers_470.256.02.orig-amd64.tar.gz
7a7a35e082d01c4b7136aa5347d86b915d9fdd7eb197d6939293341fbf7a9bd6 184427893
nvidia-graphics-drivers_470.256.02.orig-arm64.tar.gz
a6019989a5d9ace669198f786a576c1befe9635477c8a79d87f6df2c0efc4408 67630519
nvidia-graphics-drivers_470.256.02.orig-ppc64el.tar.gz
666172f456ad109119afd32a8df44d7345069ef14f693e7a8da902c52aff509b 140
nvidia-graphics-drivers_470.256.02.orig.tar.gz
5749b50bbfc01516e389455b065c399f20e7f8d884ed778ea956d05c7477b7e0 212892
nvidia-graphics-drivers_470.256.02-1.debian.tar.xz
f2a2d528d1c0f29a4aa364d5a89514c28fb1edebcaa6cb11a8bd69f32214e23d 8489
nvidia-graphics-drivers_470.256.02-1_source.buildinfo
Files:
19c4011d7f2f9880a07def1c30de5b6c 7779 non-free/libs optional
nvidia-graphics-drivers_470.256.02-1.dsc
9a596f5429c579972e707722bb8d0b37 272835178 non-free/libs optional
nvidia-graphics-drivers_470.256.02.orig-amd64.tar.gz
1075d88355106b41988b933c24a73d41 184427893 non-free/libs optional
nvidia-graphics-drivers_470.256.02.orig-arm64.tar.gz
aea2c2c1d12bf5fa5b730850dbf9520a 67630519 non-free/libs optional
nvidia-graphics-drivers_470.256.02.orig-ppc64el.tar.gz
b134cd021d627e7afde136cac5dde418 140 non-free/libs optional
nvidia-graphics-drivers_470.256.02.orig.tar.gz
a886870eecfc8f436d776bf0e5620013 212892 non-free/libs optional
nvidia-graphics-drivers_470.256.02-1.debian.tar.xz
2db4064924d1b5f4b569f67f386560aa 8489 non-free/libs optional
nvidia-graphics-drivers_470.256.02-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmZlYtYQHGFuYmVAZGVi
aWFuLm9yZwAKCRBfsz+TWentCOCDD/94aevuP6xFmht0K2ZNMKbiO4ja8caqjWMH
l5FLoE9PESqQKVWDIyTDckxygYmJyXUyrhW2PCVu8aoxOhm5t4/u5zs4TeZas26/
JlWZpPxOnukJplmVbeeyBLlmT5IhjpmhkZTFvzkjSv87hzeYH+Hj6FLJnXW2wnor
ZgCox6RuY5QhrJsZpwZHN+COWmK9t+wvwUcq5P7vYfCcjjOQ4CT37DPMKXUjn1Kp
gAuhdK3O/U5s2fsx47ts9B70UR6p8C+9vcg5A1dmjlY/UFfkOCdXgB3PxvTjzXc5
+rRr6p7LBgxOEJYWr1KhdFGHvVDVMt3Dr8YR5pGghKj7uMBQ42WWEzyhmM/ha5Ux
+9SZbuBzxuKdv9un2g2zqv2Ik5gC1v4agKNCyV9/SPqu1mLJ+IdpWTw1VdWxjMa/
ISQiUrDNL5JsH6FCvyxGPZGM31jETqdBT9MIsnC39YZAyyQT7cewXwj0pfwXS7SC
pwOyj7sV/0L6GnYoCoZKBwyXkqd+QtL7iCDkezAuXP1BPNU8QVoFUKZ+yghgtpRG
2mAMT9KHYAR9kNQjGTvLFepj/PXovr1G5F2i08v4AhE016scvIIJrkcPTuRQRU6z
LUmVXbJr0pbxxiOeTQKjJPmDDaJFykUqgMnb3cxAmiOAEgVajsOpr8a/2/+IwlQv
oXTPta3Zbg==
=qXCx
-----END PGP SIGNATURE-----
pgpAyfHpgq3C1.pgp
Description: PGP signature
--- End Message ---
