[Git][security-tracker-team/security-tracker][master] 2 commits: dla: typo

Sylvain Beucler (@beuc) Mon, 05 May 2025 08:23:25 -0700


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
344f29ad by Sylvain Beucler at 2025-05-05T17:23:03+02:00
dla: typo

- - - - -
50cb074c by Sylvain Beucler at 2025-05-05T17:23:05+02:00
dla: add nvidia-graphics-drivers

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3036,7 +3036,6 @@ CVE-2024-11917 (The JobSearch WP Job Board plugin for 
WordPress is vulnerable to
 CVE-2025-23244 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
which cou ...)
        - nvidia-graphics-drivers <unfixed> (bug #1104068)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1104069)
        - nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1104070)
        [bullseye] - nvidia-graphics-drivers-legacy-390xx <ignored> (Non-free 
not supported)
@@ -33531,7 +33530,6 @@ CVE-2023-46400 (KWHotel 0.47 is vulnerable to CSV 
Formula Injection in the add g
 CVE-2024-0149 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
which cou ...)
        - nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
        - nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
        [bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free 
not supported)
@@ -33553,7 +33551,6 @@ CVE-2024-0149 (NVIDIA GPU Display Driver for Linux 
contains a vulnerability whic
 CVE-2024-0131 (NVIDIA GPU kernel driver for Windows and Linux contains a 
vulnerabilit ...)
        - nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
        - nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
        [bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free 
not supported)
@@ -33574,12 +33571,10 @@ CVE-2024-0131 (NVIDIA GPU kernel driver for Windows 
and Linux contains a vulnera
 CVE-2024-53869 (NVIDIA Unified Memory driver for Linux contains a 
vulnerability where  ...)
        - nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5614
 CVE-2024-0147 (NVIDIA GPU display driver for Windows and Linux contains a 
vulnerabili ...)
        - nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
        - nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
        [bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free 
not supported)
@@ -33600,7 +33595,6 @@ CVE-2024-0147 (NVIDIA GPU display driver for Windows 
and Linux contains a vulner
 CVE-2024-0150 (NVIDIA GPU display driver for Windows and Linux contains a 
vulnerabili ...)
        - nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
        - nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
        [bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free 
not supported)
@@ -61035,7 +61029,6 @@ CVE-2023-50355 (HCL Sametime is impacted by the error 
messages containing sensit
 CVE-2024-0126 (NVIDIA GPU Display Driver for Windows and Linux contains a 
vulnerabili ...)
        - nvidia-graphics-drivers 535.216.01-1 (bug #1085968)
        [bookworm] - nvidia-graphics-drivers 535.216.01-1~deb12u1
-       [bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
        - nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1085969)
        - nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1085970)
        [bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free 
not supported)
@@ -129506,7 +129499,6 @@ CVE-2024-0075 (NVIDIA GPU Display Driver for Windows 
and Linux contains a vulner
        [experimental] - nvidia-graphics-drivers 535.161.07-1
        - nvidia-graphics-drivers <unfixed> (bug #1064983)
        [bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-       [bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
        - nvidia-graphics-drivers-tesla <unfixed> (bug #1064990)
        [bookworm] - nvidia-graphics-drivers-tesla <no-dsa> (Non-free not 
supported)
        [experimental] - nvidia-open-gpu-kernel-modules 550.54.15-1
@@ -203705,7 +203697,6 @@ CVE-2023-0183 (NVIDIA GPU Display Driver for Linux 
contains a vulnerability in t
        - nvidia-open-gpu-kernel-modules 525.105.17-1 (bug #1033783)
        - nvidia-graphics-drivers-tesla 525.105.17-1 (bug #1033782)
        - nvidia-graphics-drivers 525.105.17-1 (bug #1033774)
-       [bullseye] - nvidia-graphics-drivers <no-dsa> (non-free not supported)
        [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, 
no updates provided by Nvidia anymore)
        NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5452
 CVE-2023-0182 (NVIDIA GPU Display Driver for Windows contains a vulnerability 
in the  ...)
@@ -228070,7 +228061,6 @@ CVE-2022-42256 (NVIDIA GPU Display Driver for Linux 
contains a vulnerability in
        - nvidia-open-gpu-kernel-modules 515.86.01-1
 CVE-2022-42255 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
in the ke ...)
        - nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
-       [bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
        [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, 
no updates provided by Nvidia anymore)
        - nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
        - nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1025282)
@@ -228084,7 +228074,6 @@ CVE-2022-42255 (NVIDIA GPU Display Driver for Linux 
contains a vulnerability in
        - nvidia-open-gpu-kernel-modules 515.86.01-1
 CVE-2022-42254 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
in the ke ...)
        - nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
-       [bullseye] - nvidia-graphics-drivers 470.161.03-1
        [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, 
no updates provided by Nvidia anymore)
        - nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
        - nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1025282)
@@ -248696,7 +248685,6 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information 
Disclosure Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2022-34684 (NVIDIA GPU Display Driver for Linux contains a vulnerability 
in the ke ...)
        - nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
-       [bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
        [buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, 
no updates provided by Nvidia anymore)
        - nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
        - nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)


=====================================
data/dla-needed.txt
=====================================
@@ -269,6 +269,10 @@ nsis
 nvidia-cuda-toolkit
   NOTE: 20241004: Added by Front-Desk (Beuc)
 --
+nvidia-graphics-drivers
+  NOTE: 20250505: Added by Front-Desk (Beuc)
+  NOTE: 20250505: Non-free, but sponsored (Beuc/front-desk)
+--
 odoo
   NOTE: 20250303: Added by Front-Desk (rouca)
   NOTE: 20250320: In discussion to be EOL'ed: https://bugs.debian.org/1100929. 
Let's keep odoo here until we decide (santiago)
@@ -283,7 +287,7 @@ opencryptoki
   NOTE: 20250505: For CVE-2024-0914 ("Marvin Attack"),
   NOTE: 20250505: we probably need to backport a few constant-time 
pre-requisite commits:
   NOTE: 20250505: 
https://github.com/opencryptoki/opencryptoki/issues/731#issuecomment-1851436555
-  NOTE: 20250505: Cf. #1104729 to determine whether fix or ignore this in all 
dists (Beuc/front-desk)
+  NOTE: 20250505: Cf. #1104729 to determine whether to fix or ignore this in 
all dists (Beuc/front-desk)
 --
 openjdk-11 (roberto)
   NOTE: 20250429: Added by Front-Desk (lamby)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3c7b234cc2db1ae0d967693a7c6427bbf8bd2ed0...50cb074c0f6b0248c4e473ab21b36949fcdb1cfc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3c7b234cc2db1ae0d967693a7c6427bbf8bd2ed0...50cb074c0f6b0248c4e473ab21b36949fcdb1cfc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: dla: typo

Reply via email to