Your message dated Fri, 14 Jul 2023 10:17:04 +0000 with message-id <e1qkfre-00f0cr...@fasolo.debian.org> and subject line Bug#1039686: fixed in nvidia-open-gpu-kernel-modules 525.125.06-1 has caused the Debian Bug report #1039686, regarding nvidia-open-gpu-kernel-modules: CVE-2023-25515, CVE-2023-25516 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1039686: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039686 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nvidia-graphics-drivers Severity: serious Tags: security upstream X-Debbugs-Cc: Debian Security Team <t...@security.debian.org> Control: clone -1 -2 -3 -4 -5 -6 -7 -8 -9 Control: reassign -2 src:nvidia-graphics-drivers-legacy-340xx 340.76-6 Control: retitle -2 nvidia-graphics-drivers-legacy-340xx: CVE-2023-25515, CVE-2023-25516 Control: tag -2 + wontfix Control: reassign -3 src:nvidia-graphics-drivers-legacy-390xx 390.48-4 Control: retitle -3 nvidia-graphics-drivers-legacy-390xx: CVE-2023-25515, CVE-2023-25516 Control: tag -3 + wontfix Control: reassign -4 src:nvidia-graphics-drivers-tesla-418 418.87.01-1 Control: retitle -4 nvidia-graphics-drivers-tesla-418: CVE-2023-25515, CVE-2023-25516 Control: tag -4 + wontfix Control: reassign -5 src:nvidia-graphics-drivers-tesla-450 450.51.05-1 Control: retitle -5 nvidia-graphics-drivers-tesla-450: CVE-2023-25515, CVE-2023-25516 Control: reassign -6 src:nvidia-graphics-drivers-tesla-460 460.32.03-1 Control: retitle -6 nvidia-graphics-drivers-tesla-460: CVE-2023-25515, CVE-2023-25516 Control: tag -6 + wontfix Control: close -6 460.106.00-3 Control: reassign -7 src:nvidia-graphics-drivers-tesla-470 470.57.02-1 Control: retitle -7 nvidia-graphics-drivers-tesla-470: CVE-2023-25515, CVE-2023-25516 Control: reassign -8 src:nvidia-graphics-drivers-tesla 510.85.02-1 Control: retitle -8 nvidia-graphics-drivers-tesla: CVE-2023-25515, CVE-2023-25516 Control: found -8 515.48.07-1 Control: found -8 525.60.13-1 Control: reassign -9 src:nvidia-open-gpu-kernel-modules 515.43.04-1 Control: retitle -9 nvidia-open-gpu-kernel-modules: CVE-2023-25515, CVE-2023-25516 Control: found -9 520.56.06-1 Control: found -9 525.85.12-1 Control: found -9 530.30.02-1 Control: found -1 340.24-1 Control: found -1 343.22-1 Control: found -1 396.18-1 Control: found -1 430.14-1 Control: found -1 455.23.04-1 Control: found -1 465.24.02-1 Control: found -1 495.44-1 Control: found -1 515.48.07-1 Control: found -1 520.56.06-1 Control: found -1 525.53-1 Control: found -1 530.30.02-1 https://nvidia.custhelp.com/app/answers/detail/a_id/5468 CVE-2023-25515 NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where unexpected untrusted data is parsed, which may lead to code execution, denial of service, escalation of privileges, data tampering, or information disclosure. CVE-2023-25516 NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. Linux Driver Branch CVE IDs Addressed R535, R525, R470, R450 CVE-2023-25515, CVE-2023-25516 Driver Branch Affected Driver Versions Updated Driver Version R535 All driver versions prior to 535.54.03 535.54.03 R525 All driver versions prior to 525.125.06 525.125.06 R470 All driver versions prior to 470.199.02 470.199.02 R450 All driver versions prior to 450.248.02 450.248.02 Andreas
--- End Message ---
--- Begin Message ---Source: nvidia-open-gpu-kernel-modules Source-Version: 525.125.06-1 Done: Andreas Beckmann <a...@debian.org> We believe that the bug you reported is fixed in the latest version of nvidia-open-gpu-kernel-modules, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1039...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated nvidia-open-gpu-kernel-modules package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 14 Jul 2023 10:54:38 +0200 Source: nvidia-open-gpu-kernel-modules Architecture: source Version: 525.125.06-1 Distribution: unstable Urgency: medium Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Closes: 1039686 Changes: nvidia-open-gpu-kernel-modules (525.125.06-1) unstable; urgency=medium . * New upstream production branch release 525.125.06 (2023-06-26). * Fixed CVE-2023-25515, CVE-2023-25516. (Closes: #1039686) https://nvidia.custhelp.com/app/answers/detail/a_id/5468 Checksums-Sha1: d78f78eadad177443b21d8f7ac64dc5c89238f2d 2729 nvidia-open-gpu-kernel-modules_525.125.06-1.dsc 9043dc9b0fc3477211af27030ad7ebb41737eb4b 10100204 nvidia-open-gpu-kernel-modules_525.125.06.orig.tar.xz e95e0dcdc68e5723229817ed487d3df58d103914 19556 nvidia-open-gpu-kernel-modules_525.125.06-1.debian.tar.xz 0176288ff582fab8fc5c91c9ff928faffb39373d 5872 nvidia-open-gpu-kernel-modules_525.125.06-1_source.buildinfo Checksums-Sha256: aadadbdf83ec61cb9c607c4311dd5bf91cf8888acb042b8985291ce009cf848e 2729 nvidia-open-gpu-kernel-modules_525.125.06-1.dsc 4aebd4ff05c8e0cbda6a9369494f75d3d0b32a8ae67b7af4616739f5acef3656 10100204 nvidia-open-gpu-kernel-modules_525.125.06.orig.tar.xz eaca4191a78ea20f498f7e3a89db900d42e3c069ff0ee34ab61f0635e42fd9e9 19556 nvidia-open-gpu-kernel-modules_525.125.06-1.debian.tar.xz 7ca0320e7b8f70b3c57b28db7cac416bea0f231dc4960e9030870e343afed22a 5872 nvidia-open-gpu-kernel-modules_525.125.06-1_source.buildinfo Files: bbbc780351c21bc06f917961cbf880b1 2729 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06-1.dsc a0ac3430887b77d687a3cf84bad61146 10100204 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06.orig.tar.xz d7693b486dc45442dfbf9d9b08ae637b 19556 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06-1.debian.tar.xz 12f11e64dac02c429204083685b1dd8d 5872 contrib/kernel optional nvidia-open-gpu-kernel-modules_525.125.06-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE6/MKMKjZxjvaRMaUX7M/k1np7QgFAmSxDfEQHGFuYmVAZGVi aWFuLm9yZwAKCRBfsz+TWentCI9ID/9JdiwONAtIG3uBb/Sqrwx2O1Gt7JN5HClg KsooMHRMpvhrLD37Qdy44xaxQCiu80XxElFltGCbOS5/sibu+yUHT3kHeyACeHUf jKQ/90kgLxHrzAGPb/GHsiahEkphKW7q6+cYo27IesLzHBQFr/rmS3CPfwLiQ0/e lVxEnJk1RVZH3Nmdk16Crna6oxN0J991eSHDiWiAL618aHgH/GMmQwj8EKZpYe4S IlhQdrTfJ4rw1hlnEvnawoP2fjoLIUpY3SSr7+NUrBhig3HPn+K+YFvcTmOnnis0 +b301+88Hx/eoTc+JZMGiJ3WM76zNhyT/00BjPJGHRivq1/Jmp6n4smT/3BxPZXi y5TAwYxcsDqfiN+5giQuk1Whs2RYbz24XOwpH1v+z3Pt3NmPYocw1dyRL2s1pNEV xO7qiTKllAGWT1BaWfOCTQtrXJsad6gbnvTT6Mmq6j7qUUdSqhNpvUdqMGShXc17 sOfhO6Y3HaIcvetQ0Y/tHjupaNS1gYtTI9iZWbQQTHLhxhlhWDFpLt0eisreAlWq BseL/3iSDJ1Au2qcYuX+G0GSmYz5kDvLe0baJ+Ns75xNdMSn6v2lK230O9VOSKv4 JzOLW/0HUMbA7vRhC5VdSnmKeESZ5Ok1gC+jYSkHoiuLfH+iDckzWEIVWxaENcgd j6SwyTC0zA== =OSUA -----END PGP SIGNATURE-----
--- End Message ---
