Bug#1065013: nvidia-graphics-drivers 470.239.06-1 flagged for acceptance
On Wed, 2024-05-08 at 18:22 +0100, Adam D. Barratt wrote: > On Wed, 2024-05-08 at 19:18 +0200, Andreas Beckmann wrote: > > On 05/05/2024 20.52, Adam D Barratt wrote: > > > Package: nvidia-graphics-drivers > > > Version: 470.239.06-1 > > > > > Explanation: upstream security fixes [CVE-2022-42265 CVE-2024- > > > 0074 > > > CVE-2024-0078] > > > > Can we push these packages to bullseye-updates? > > The kernel change that recently caused problems for the nvidia > > modules > > in bookworm has now reached bullseye, too: #1070726, but the new > > upstream already sitting in bullseye-pu is sufficient to fix that. > > Would wording similar to > https://lists.debian.org/debian-stable-announce/2024/02/msg2.html > be accurate / suitable? (With the 12.5 reference changed to the > relevant DSA number.) Not sure if you saw the previous mail, but see below for suggested SUA text. Regards, Adam === This update addresses problems in three non-free driver packages supporting nVidia graphics cards. The Linux kernel released in DSA 5681-1 changed an inlined function to call two GPL-only symbols, making that function inaccessible to non-free kernel modules. As a result, the nVidia kernel modules cannot be built via DKMS at installation time for the updated kernel. The following packages have been updated to correct the problem: Source package Fixed version == = nvidia-graphics-drivers470.239.06-1 nvidia-graphics-drivers-tesla-470 470.239.06-1~deb11u1 nvidia-settings470.239.06-1 If you use the affected packages, we recommend you upgrade to these versions. ===
Bug#1065013: nvidia-graphics-drivers 470.239.06-1 flagged for acceptance
On Wed, 2024-05-08 at 19:18 +0200, Andreas Beckmann wrote: > On 05/05/2024 20.52, Adam D Barratt wrote: > > Package: nvidia-graphics-drivers > > Version: 470.239.06-1 > > > Explanation: upstream security fixes [CVE-2022-42265 CVE-2024-0074 > > CVE-2024-0078] > > Can we push these packages to bullseye-updates? > The kernel change that recently caused problems for the nvidia > modules > in bookworm has now reached bullseye, too: #1070726, but the new > upstream already sitting in bullseye-pu is sufficient to fix that. Would wording similar to https://lists.debian.org/debian-stable-announce/2024/02/msg2.html be accurate / suitable? (With the 12.5 reference changed to the relevant DSA number.) Regards, Adam
Bug#1065013: nvidia-graphics-drivers 470.239.06-1 flagged for acceptance
On 05/05/2024 20.52, Adam D Barratt wrote: Package: nvidia-graphics-drivers Version: 470.239.06-1 Explanation: upstream security fixes [CVE-2022-42265 CVE-2024-0074 CVE-2024-0078] Can we push these packages to bullseye-updates? The kernel change that recently caused problems for the nvidia modules in bookworm has now reached bullseye, too: #1070726, but the new upstream already sitting in bullseye-pu is sufficient to fix that. Therefore I'd recommend to push these packages to bullseye-updates: nvidia-graphics-drivers | 470.239.06-1 nvidia-settings | 470.239.06-1 nvidia-graphics-drivers-tesla-470 | 470.239.06-1~deb11u1 (tha would imply that temporarily the version of nvidia-graphics-drivers-tesla-470 in bullseye-updates is higher than the one in bookworm-updates) Andreas
Bug#1065013: nvidia-graphics-drivers 470.239.06-1 flagged for acceptance
package release.debian.org tags 1065013 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: nvidia-graphics-drivers Version: 470.239.06-1 Explanation: upstream security fixes [CVE-2022-42265 CVE-2024-0074 CVE-2024-0078]