[Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tag for CVE-2021-1056

Tue, 18 Jan 2022 12:37:38 -0800 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
445a7ec9 by Markus Koschany at 2022-01-18T21:37:16+01:00
Remove no-dsa tag for CVE-2021-1056

- - - - -
e445b007 by Markus Koschany at 2022-01-18T21:37:16+01:00
Reserve DLA-2888-1 for nvidia-graphics-drivers

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -81548,7 +81548,6 @@ CVE-2021-1057 (NVIDIA Virtual GPU Manager NVIDIA vGPU 
manager contains a vulnera
 CVE-2021-1056 (NVIDIA GPU Display Driver for Linux, all versions, contains a 
vulnerab ...)
        - nvidia-graphics-drivers 460.32.03-1 (bug #979670)
        [buster] - nvidia-graphics-drivers 418.181.07-1
-       [stretch] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #979671)
        [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not 
supported, no updates provided by Nvidia anymore)
        [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free 
not supported, no updates provided by Nvidia anymore)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[18 Jan 2022] DLA-2888-1 nvidia-graphics-drivers - security update
+       {CVE-2021-1056 CVE-2021-1076 CVE-2021-1093 CVE-2021-1094 CVE-2021-1095}
+       [stretch] - nvidia-graphics-drivers 390.144-1~deb9u1
 [18 Jan 2022] DLA-2887-1 lighttpd - security update
        {CVE-2018-19052}
        [stretch] - lighttpd 1.4.45-1+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -86,13 +86,6 @@ linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)
 --
-nvidia-graphics-drivers
-  NOTE: package is in non-free but also in packages-to-support
-  NOTE: only CVE‑2021‑1076 seems to be fixed in the R390 branch used in 
Stretch, no fix available for CVE-2021-1077
-  NOTE: 20211108: nvidia-graphics-drivers-legacy-390xx 390.144-1 in 
buster/bullseye/bookworm
-  NOTE: 20211108: now fixes all 5 CVEs (bunk)
-  NOTE: 20211229: https://people.debian.org/~apo/lts/nvidia-graphics-drivers/
---
 pgbouncer (Christoph Berg)
   NOTE: 20220104: maintainer might want to upload fixed version
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/55a70abdfc16bea24dfb6336ff1302c66fa99582...e445b007bd3e4a0d90ad79e1ebc9a7f445099377

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/55a70abdfc16bea24dfb6336ff1302c66fa99582...e445b007bd3e4a0d90ad79e1ebc9a7f445099377
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to