Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu
Next CVEs to be fixed ... needs a new upstream version, of course.
Since nvidia changed the file names of their glvnd library stubs to
something more sane, we also need to update src:glx-alternatives to be
aware of the new names.
This is a new upstream release from the 384 branch (stretch-pu currently
has 384.111), while buster/testing is already at 390.42 (and soon at
390.48), but we haven't had any exposure of 390.xx in -backports, yet,
so I'd prefer to stick with 384.xx in stable for now.
Luca confirmed that the package works in stretch (although not with
src:libglvnd from stretch-backports, but that needs to be investigated
and fixed independently in -backports).
No new or renamed packages this time :-)
Andreas
Index: debian/control
===================================================================
--- debian/control (.../tags/384.111-4~deb9u1) (revision 7959)
+++ debian/control (.../branches/384-stretch) (revision 7959)
@@ -869,7 +869,7 @@
dpkg (>= 1.17.21),
${nvidia:legacy-check},
Depends:
- glx-alternative-nvidia (>= 0.7) [!ppc64el],
+ glx-alternative-nvidia (>= 0.8.3~) [!ppc64el],
${misc:Depends}
Provides:
${nvidia}-alternative--kmod-alias,
Index: debian/libgl1-glvnd-nvidia-glx.install.in
===================================================================
--- debian/libgl1-glvnd-nvidia-glx.install.in (.../tags/384.111-4~deb9u1)
(revision 7959)
+++ debian/libgl1-glvnd-nvidia-glx.install.in (.../branches/384-stretch)
(revision 7959)
@@ -1 +1 @@
-libGL.so.1.0.0 #LIBDIR#/#PRIVATE#/
+libGL.so.1.7.0 #LIBDIR#/#PRIVATE#/
Index: debian/rules.defs
===================================================================
--- debian/rules.defs (.../tags/384.111-4~deb9u1) (revision 7959)
+++ debian/rules.defs (.../branches/384-stretch) (revision 7959)
@@ -10,7 +10,7 @@
NVIDIA_LEGACY_CHECK = nvidia-legacy-check (>= 343) [!ppc64el]
-LINUX_KMOD_TESTED = 4.15
+LINUX_KMOD_TESTED = 4.16
LINUX_KMOD_TESTED_amd64 =
LINUX_KMOD_TESTED_i386 =
LINUX_KMOD_TESTED_armhf =
Index: debian/libgl1-glvnd-nvidia-glx.links.in
===================================================================
--- debian/libgl1-glvnd-nvidia-glx.links.in (.../tags/384.111-4~deb9u1)
(revision 7959)
+++ debian/libgl1-glvnd-nvidia-glx.links.in (.../branches/384-stretch)
(revision 7959)
@@ -1 +1 @@
-#LIBDIR#/#PRIVATE#/libGL.so.1.0.0 #LIBDIR#/#PRIVATE#/libGL.so.1
+#LIBDIR#/#PRIVATE#/libGL.so.1.7.0 #LIBDIR#/#PRIVATE#/libGL.so.1
Index: debian/libegl1-glvnd-nvidia.links.in
===================================================================
--- debian/libegl1-glvnd-nvidia.links.in (.../tags/384.111-4~deb9u1)
(revision 0)
+++ debian/libegl1-glvnd-nvidia.links.in (.../branches/384-stretch)
(revision 7959)
@@ -0,0 +1 @@
+#LIBDIR#/#PRIVATE#/libEGL.so.1.1.0 #LIBDIR#/#PRIVATE#/libEGL.so.1
Index: debian/libgles2-glvnd-nvidia.links.in
===================================================================
--- debian/libgles2-glvnd-nvidia.links.in (.../tags/384.111-4~deb9u1)
(revision 0)
+++ debian/libgles2-glvnd-nvidia.links.in (.../branches/384-stretch)
(revision 7959)
@@ -0,0 +1 @@
+#LIBDIR#/#PRIVATE#/libGLESv2.so.2.1.0 #LIBDIR#/#PRIVATE#/libGLESv2.so.2
Index: debian/libegl1-glvnd-nvidia.install.in
===================================================================
--- debian/libegl1-glvnd-nvidia.install.in (.../tags/384.111-4~deb9u1)
(revision 7959)
+++ debian/libegl1-glvnd-nvidia.install.in (.../branches/384-stretch)
(revision 7959)
@@ -1 +1 @@
-libEGL.so.1 #LIBDIR#/#PRIVATE#/
+libEGL.so.1.1.0 #LIBDIR#/#PRIVATE#/
Index: debian/changelog
===================================================================
--- debian/changelog (.../tags/384.111-4~deb9u1) (revision 7959)
+++ debian/changelog (.../branches/384-stretch) (revision 7959)
@@ -1,3 +1,31 @@
+nvidia-graphics-drivers (384.130-1) stretch; urgency=medium
+
+ * New upstream long lived branch release 384.130 (2018-03-28).
+ * Fixed CVE-2018-6249, CVE-2018-625.
+ https://nvidia.custhelp.com/app/answers/detail/a_id/4649
+ (Closes: #894338)
+ - Improved compatibility with recent Linux kernels.
+ - Fixed a string concatenation bug that caused libGL to accidentally try to
+ create the directory "$HOME.nv" rather than "$HOME/.nv" in some cases
+ where /tmp isn't accessible. (Closes: #888028)
+ - Increased the version numbers of the GLVND libGL, libGLESv1_CM,
+ libGLESv2, and libEGL libraries, to prevent concurrently installed
+ non-GLVND libraries from taking precedence in the dynamic linker
+ cache.
+ * New upstream release 340 series.
+ - Fixed a bug which could cause X servers that export a Video Driver
+ ABI earlier than 0.8 to crash when running X11 applications which
+ call XRenderAddTraps().
+
+ [ Luca Boccassi ]
+ * Install the renamed GLVND libraries and add SONAME symlinks.
+
+ [ Andreas Beckmann ]
+ * Bump the required glx-diversions/glx-alternative-nvidia version for the
+ renamed GLVND libraries.
+
+ -- Luca Boccassi <bl...@debian.org> Thu, 29 Mar 2018 11:24:33 +0100
+
nvidia-graphics-drivers (384.111-4~deb9u1) stretch; urgency=medium
* Rebuild for stretch.
@@ -1933,6 +1961,27 @@
-- Andreas Beckmann <a...@debian.org> Mon, 20 Oct 2014 19:04:58 +0200
+nvidia-graphics-drivers (340.106-1) UNRELEASED; urgency=medium
+
+ * New upstream legacy 340xx branch release 340.106 (2018-01-16).
+ * Fixed CVE-2017-5753, CVE-2017-5715 (spectre), CVE-2017-5754 (meltdown).
+ https://nvidia.custhelp.com/app/answers/detail/a_id/4611
+ (Closes: #886852)
+ - Fixed a compatibility problem between the nvidia.ko's Page Attribute
+ Table (PAT) support and the kernel Page Table Isolation (PTI) patches.
+ To optimize stores to memory, nvidia.ko contains support for
+ configuring the CPU's PAT registers, as a fallback for Linux kernels
+ that predate kernel native PAT support. On any recent kernel
+ with CONFIG_X86_PAT enabled, the driver will detect that setup has
+ already been done and skip its PAT setup. However, a static inline
+ function called by nvidia.ko's PAT fallback support was updated in
+ the PTI patches to use the EXPORT_SYMBOL_GPL symbol 'cpu_tlbstate'.
+ nvidia.ko was updated to only contain its PAT fallback support,
+ at build time, on kernels without CONFIG_X86_PAT.
+ * Improved compatibility with recent Linux kernels.
+
+ -- Luca Boccassi <bl...@debian.org> Tue, 16 Jan 2018 21:08:01 +0000
+
nvidia-graphics-drivers (340.104-1) UNRELEASED; urgency=medium
* New upstream legacy 340xx branch release 340.104 (2017-09-19).
Index: debian/libgles1-glvnd-nvidia.install.in
===================================================================
--- debian/libgles1-glvnd-nvidia.install.in (.../tags/384.111-4~deb9u1)
(revision 7959)
+++ debian/libgles1-glvnd-nvidia.install.in (.../branches/384-stretch)
(revision 7959)
@@ -1 +1 @@
-libGLESv1_CM.so.1 #LIBDIR#/#PRIVATE#/
+libGLESv1_CM.so.1.2.0 #LIBDIR#/#PRIVATE#/
Index: debian/libgles2-glvnd-nvidia.install.in
===================================================================
--- debian/libgles2-glvnd-nvidia.install.in (.../tags/384.111-4~deb9u1)
(revision 7959)
+++ debian/libgles2-glvnd-nvidia.install.in (.../branches/384-stretch)
(revision 7959)
@@ -1 +1 @@
-libGLESv2.so.2 #LIBDIR#/#PRIVATE#/
+libGLESv2.so.2.1.0 #LIBDIR#/#PRIVATE#/
Index: debian/libgles1-glvnd-nvidia.links.in
===================================================================
--- debian/libgles1-glvnd-nvidia.links.in (.../tags/384.111-4~deb9u1)
(revision 0)
+++ debian/libgles1-glvnd-nvidia.links.in (.../branches/384-stretch)
(revision 7959)
@@ -0,0 +1 @@
+#LIBDIR#/#PRIVATE#/libGLESv1_CM.so.1.2.0
#LIBDIR#/#PRIVATE#/libGLESv1_CM.so.1
