Package: release.debian.org Severity: normal Tags: bookworm User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: nvidia-graphics-driv...@packages.debian.org Control: affects -1 + src:nvidia-graphics-drivers
[ Reason ]
In order to fix a CVE we need to update src:nvidia-graphics-drivers in
non-free-firmware to a new upstream release.
[ Impact ]
A proprietary graphics driver with open CVEs.
[ Tests ]
The module is only build-tested. Everything else would require NVIDIA
GPU hardware and usage of the proprietary driver.
[ Risks ]
Updating src:nvidia-graphics-drivers to new upstream releases in stable
is an established procedure.
[ Checklist ]
[*] *all* changes are documented in the d/changelog
[*] I reviewed all changes and I approve them
Excluding the blob.
[*] attach debdiff against the package in (old)stable
Excluding the blob.
[*] the issue is verified as fixed in unstable
[ Changes ]
Besides the new upstream release there is a bit of packaging cleanup in
preparation for forking off src:nvidia-graphics-drivers-tesla-535 in
sid.
The nvidia-detect changes only affect the script if it is being run
under trixie/sid.
There is also the usual patch refresh (and addition of some patches for
supporting newer (and older) kernels).
debian/control has been regenerated with libdpkg-perl/bookworm
(previously I used the one from bullseye) which reordered some fields.
debian-control.in has been updated to use the same order.
+nvidia-graphics-drivers (535.216.01-1~deb12u1) bookworm; urgency=medium
+
+ * Rebuild for bookworm.
+
+ -- Andreas Beckmann <a...@debian.org> Thu, 14 Nov 2024 10:35:54 +0100
+
+nvidia-graphics-drivers (535.216.01-1) unstable; urgency=medium
+
+ * New upstream LTS and Tesla branch release 535.216.01 (2024-10-22).
+ * Fixed CVE-2024-0126. (Closes: #1085968)
+ https://nvidia.custhelp.com/app/answers/detail/a_id/5586
+ * Improved compatibility with recent Linux kernels.
+
+ [ Andreas Beckmann ]
+ * Refresh patches.
+ * nvidia-detect: Add support for Tesla 535 drivers.
+ * nvidia-detect: Restrict support to driver series in trixie.
+ * Clean up packaging cruft in preparation for forking Tesla 535 drivers.
+
+ -- Andreas Beckmann <a...@debian.org> Thu, 07 Nov 2024 18:03:36 +0100
+
+nvidia-graphics-drivers (535.183.06-2) unstable; urgency=medium
+
+ * Simplify using nv_pfn_valid() in virt_addr_valid() on ppc64el.
+ * Backport nv_get_kern_phys_address() changes from 555.42.02 to fix kernel
+ module build with gcc-14 on arm*. (Closes: #1084844)
+ * Regenerate debian/control with libdpkg-perl/bookworm.
+
+ -- Andreas Beckmann <a...@debian.org> Fri, 25 Oct 2024 09:42:15 +0200
+
+nvidia-graphics-drivers (535.183.06-1) unstable; urgency=medium
+
+ * New upstream Tesla branch release 535.183.06 (2024-07-09).
+
+ [ Andreas Beckmann ]
+ * Use dh_movetousr (if available) to relocate the firmware to /usr where
+ needed. (Closes: #1073744)
+ * Log an error message if nvidia-peermem refuses to load because it was
+ built without IB peer memory symbols present. (Closes: #1074350)
+ * Backport follow_pfn changes from 550.90.07 to fix kernel module build for
+ Linux 6.10. (Closes: #1077841, #1078425, #1078462, #1078489, #1078424)
+ * Use pfn_valid() variant with rcu_read_{,un}lock_sched() from Linux 6.8-rc3
+ in virt_addr_valid() for Linux 5.10.210 - 5.10.999 to avoid using GPL
+ symbols on ppc64el.
+ * bug-script: Report 'apt-cache policy'.
+
+ -- Andreas Beckmann <a...@debian.org> Mon, 12 Aug 2024 07:51:39 +0200
[ Other info ]
This is a rebuild of the package from sid with no further changes.
Since the 470 series is upstream EoL, there are no more upstream updates
for src:nvidia-graphics-drivers-tesla-470 (but I might do a final one
adding the NEWS entry about the EoL state to stable as well).
Andreas
nvidia-graphics-drivers_535.216.01-1~deb12u1.diff.xz
Description: application/xz
