Your message dated Sat, 08 Apr 2017 15:47:09 +0000
with message-id <[email protected]>
and subject line Bug#855279: fixed in nvidia-graphics-drivers-legacy-304xx
304.135-1
has caused the Debian Bug report #855279,
regarding nvidia-graphics-drivers-legacy-304xx: CVE-2017-0309, CVE-2017-0310,
CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
855279: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855279
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nvidia-graphics-drivers
Version: 343.22-1
Severity: serious
Tags: security
Control: found -1 1.0.4363-1
Control: found -1 310.14-1
Control: clone -1 -2 -3
Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6
Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2017-0309,
CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
Control: reassign -3 src:nvidia-graphics-drivers-legacy-304xx 304.108-2
Control: retitle -3 nvidia-graphics-drivers-legacy-304xx: CVE-2017-0309,
CVE-2017-0310, CVE-2017-0311, CVE-2017-0321, CVE-2017-0318
http://nvidia.custhelp.com/app/answers/detail/a_id/4398
CVE-2017-0309
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where multiple integer overflows may cause improper memory
allocation, which may lead to a denial of service or potential
escalation of privileges.
CVE-2017-0310
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where improper access controls allow an unprivileged user
to cause a denial of service.
CVE-2017-0311
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where improper access control may lead to a denial of
service or possible escalation of privileges.
CVE-2017-0321
NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer handler where a NULL pointer dereference caused by invalid user
input may lead to a denial of service or potential escalation of
privileges.
CVE-2017-0318
NVIDIA Linux GPU Display Driver contains a vulnerability in the kernel
mode layer handler where improper validation of an input parameter may
cause a denial of service on the system.
Andreas
--- End Message ---
--- Begin Message ---
Source: nvidia-graphics-drivers-legacy-304xx
Source-Version: 304.135-1
We believe that the bug you reported is fixed in the latest version of
nvidia-graphics-drivers-legacy-304xx, which is due to be installed in the
Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Beckmann <[email protected]> (supplier of updated
nvidia-graphics-drivers-legacy-304xx package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 05 Apr 2017 20:16:50 +0200
Source: nvidia-graphics-drivers-legacy-304xx
Binary: nvidia-legacy-304xx-driver xserver-xorg-video-nvidia-legacy-304xx
libgl1-nvidia-legacy-304xx-glx libgl1-nvidia-legacy-304xx-glx-i386
nvidia-legacy-304xx-alternative nvidia-legacy-304xx-kernel-dkms
nvidia-legacy-304xx-kernel-source
Architecture: source
Version: 304.135-1
Distribution: jessie
Urgency: medium
Maintainer: Debian NVIDIA Maintainers <[email protected]>
Changed-By: Andreas Beckmann <[email protected]>
Description:
libgl1-nvidia-legacy-304xx-glx - NVIDIA binary OpenGL/GLX
libraries${nvidia:LegacyDesc}
libgl1-nvidia-legacy-304xx-glx-i386 - NVIDIA binary OpenGL/GLX 32-bit
libraries${nvidia:LegacyDesc}
nvidia-legacy-304xx-alternative - allows the selection of NVIDIA as GLX
provider${nvidia:LegacyDesc
nvidia-legacy-304xx-driver - NVIDIA metapackage${nvidia:LegacyDesc}
nvidia-legacy-304xx-kernel-dkms - NVIDIA binary kernel module DKMS
source${nvidia:LegacyDesc}
nvidia-legacy-304xx-kernel-source - NVIDIA binary kernel module
source${nvidia:LegacyDesc}
xserver-xorg-video-nvidia-legacy-304xx - NVIDIA binary Xorg
driver${nvidia:LegacyDesc}
Closes: 852152 855279
Changes:
nvidia-graphics-drivers-legacy-304xx (304.135-1) jessie; urgency=medium
.
* New upstream legacy 304xx branch release 304.135 (2017-02-14).
* Fixed CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0318,
CVE-2017-0321. (Closes: #855279)
.
[ Luca Boccassi ]
* Synchronize packaging with nvidia-graphics-drivers-legacy-304xx 304.135-2:
- Add deprecated-cpu-events.patch and update disable-mtrr.patch to fix
kernel module build on Linux 4.10 and newer.
* Synchronize packaging with nvidia-graphics-drivers-legacy-304xx 304.134-2:
- Add drm-driver-legacy.patch to fix nvidia kernel module load issue on
Linux 4.9 and newer. (Closes: #852152)
* Upload to jessie.
Checksums-Sha1:
92296a4df3130e2450994c62684723b599c8f3fc 3799
nvidia-graphics-drivers-legacy-304xx_304.135-1.dsc
61a7262143dd62d32ded3249367f37d9f56302b9 67621644
nvidia-graphics-drivers-legacy-304xx_304.135.orig-amd64.tar.gz
45c95c4e3f8344f312f29e88610c60d788f02cf9 39898214
nvidia-graphics-drivers-legacy-304xx_304.135.orig-i386.tar.gz
8ef0249c99bfe6908eb19aa078000840bc0dfbba 138
nvidia-graphics-drivers-legacy-304xx_304.135.orig.tar.gz
c9673d35bd079e42fd0acc6631d5330d8c8775de 86068
nvidia-graphics-drivers-legacy-304xx_304.135-1.debian.tar.xz
Checksums-Sha256:
15d17698c9470f643dfdc17255ba811e2a236bfc0281bc3e4270377b0ab8b781 3799
nvidia-graphics-drivers-legacy-304xx_304.135-1.dsc
c1be05911ac6da5a6f406bcd4e08fcaabc202e6c59f0811bdf7de7acf6d12a9a 67621644
nvidia-graphics-drivers-legacy-304xx_304.135.orig-amd64.tar.gz
050307a44e27c405da28ae70707919107eb94fd7feaab362344efcccd765f6eb 39898214
nvidia-graphics-drivers-legacy-304xx_304.135.orig-i386.tar.gz
85a63eef6201fb017071f1909c6ab627433325305cb865e901ed29443fa545bb 138
nvidia-graphics-drivers-legacy-304xx_304.135.orig.tar.gz
f55fe9be07b39eac66f834bee2c3da83a72d287f7318a5a1fb6ba570a4549425 86068
nvidia-graphics-drivers-legacy-304xx_304.135-1.debian.tar.xz
Files:
51c9f29b51d3f78c378c9267051b3b96 3799 non-free/libs optional
nvidia-graphics-drivers-legacy-304xx_304.135-1.dsc
872e7ca8bc888ec562ac3c9a37f035f0 67621644 non-free/libs optional
nvidia-graphics-drivers-legacy-304xx_304.135.orig-amd64.tar.gz
1b3befea161959c67f5bf29ab0e8ce26 39898214 non-free/libs optional
nvidia-graphics-drivers-legacy-304xx_304.135.orig-i386.tar.gz
03e4229dea625d4453c52fcd9ca80260 138 non-free/libs optional
nvidia-graphics-drivers-legacy-304xx_304.135.orig.tar.gz
a34efdf6e64878771e1633e253b007f3 86068 non-free/libs optional
nvidia-graphics-drivers-legacy-304xx_304.135-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJY5TZoAAoJEF+zP5NZ6e0IRxcQAKXArTj8SRmCpClU9Fd4Dn5B
K4NH8VGaCbaizy/x2wAAHN/JlLIFxW7XkcmHPD071V0TWxbp3ncQ3pBoqKhUhMdN
RmWK190ciOn62lkOfGr9GSp98fc22+LaV1L1QbW2ZasPuk7Q8JdnmQGRpkqephey
0rMvI9koArO9c8nZ6bZTDp07Hj/7nRsC/geo6vV6YlH+tMHQy6SKw/DhG+zZmQyU
4rvEywIXpaDN2RVNQFey3J+3FYeenSNtIfZv1E8hXy7EjfNicGAMBNsLcKDs4mls
7gF/ebhtP2eAZCCVtG/HkQOKeEwiVSFGW9/IM1Jxf5jlyoh2h55J2D6nTw11Og6H
Mpgh9SObIhOEjAYd0ykkvexQMhRXc9ZoAYZ0LIAYOLQQitlxixPt6kuJtPSiM+g7
/wKXy7Nf0f4MIS29isNWhMxzrQDch0EUhcO9cjVzSUmc++5XCqu7nVy08JfqaUoa
eXBthIyJ/PkfaG7zgKjDGZhIkDd4v6SCPT0SwB31K3OIdMFu0YtSYwI1VsUd46tF
ev29i6oDi7/GCLYm5TfcnmAYQAPRN2ukqXUJghAZ5FbDWm9BSYhmXfqhGS6sDl70
QAjIiKRzqToKl1F/9fIY5wO1klk3h4LvMTnmOcpUr+ErxoW7qa+gCfy5Mfbbf9W3
gnfzSubstNbYUHhTFpUY
=E6c+
-----END PGP SIGNATURE-----
--- End Message ---
