[Git][security-tracker-team/security-tracker][master] 5 commits: lts: triage nvidia-graphics-drivers-legacy-390xx issues

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Wed Jan 29 11:38:28 GMT 2025 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8ba188d7 by Emilio Pozuelo Monfort at 2025-01-29T12:37:24+01:00
lts: triage nvidia-graphics-drivers-legacy-390xx issues

- - - - -
59d76e54 by Emilio Pozuelo Monfort at 2025-01-29T12:37:25+01:00
lts: triage nvidia-graphics-drivers-tesla-418 issues

- - - - -
323f9dca by Emilio Pozuelo Monfort at 2025-01-29T12:37:25+01:00
lts: add openjdk

- - - - -
cd508b19 by Emilio Pozuelo Monfort at 2025-01-29T12:37:27+01:00
lts: triage CVE-2025-24356/fastd as no-dsa for bullseye

- - - - -
d6a89168 by Emilio Pozuelo Monfort at 2025-01-29T12:37:29+01:00
lts: triage CVE-2025-24359/python-asteval as no-dsa for bullseye

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -755,6 +755,7 @@ CVE-2017-20196 (A vulnerability was found in Itechscripts School Management Soft
 CVE-2025-24356 (fastd is a VPN daemon which tunnels IP packets and Ethernet frames ove ...)
 	- fastd 23-1
 	[bookworm] - fastd <no-dsa> (Minor issue)
+	[bullseye] - fastd <no-dsa> (Minor issue)
 	NOTE: https://github.com/neocturne/fastd/security/advisories/GHSA-pggg-vpfv-4rcv
 	NOTE: Fixed by: https://github.com/neocturne/fastd/commit/ce1b79b12dbfa796743b5f3a50789ade965b7023 (v23)
 	NOTE: Fixed by: https://github.com/neocturne/fastd/commit/1f233bee76b722c0b3f9024f2c39c72e9f7e5843 (v23)
@@ -1119,6 +1120,7 @@ CVE-2025-24362 (In some circumstances, debug artifacts uploaded by the CodeQL Ac
 CVE-2025-24359 (ASTEVAL is an evaluator of Python expressions and statements. Prior to ...)
 	- python-asteval <unfixed>
 	[bookworm] - python-asteval <no-dsa> (Minor issue)
+	[bullseye] - python-asteval <no-dsa> (Minor issue)
 	NOTE: https://github.com/lmfit/asteval/security/advisories/GHSA-3wwr-3g9f-9gc7
 CVE-2025-24355 (Updatecli is a tool used to apply file update strategies. Prior to ver ...)
 	NOT-FOR-US: Updatecli
@@ -1349,7 +1351,9 @@ CVE-2024-0149 (NVIDIA GPU Display Driver for Linux contains a vulnerability whic
 	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
+	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1093911)
+	[bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-450 450.248.02-4 (bug #1093912)
 	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
 	- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1093913)
@@ -1368,7 +1372,9 @@ CVE-2024-0131
 	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
+	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1093911)
+	[bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-450 450.248.02-4 (bug #1093912)
 	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
 	- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1093913)
@@ -1392,7 +1398,9 @@ CVE-2024-0147 (NVIDIA GPU display driver for Windows and Linux contains a vulner
 	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
+	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1093911)
+	[bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-450 450.248.02-4 (bug #1093912)
 	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
 	- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1093913)
@@ -1411,7 +1419,9 @@ CVE-2024-0150 (NVIDIA GPU display driver for Windows and Linux contains a vulner
 	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
+	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1093911)
+	[bullseye] - nvidia-graphics-drivers-tesla-418 <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla-450 450.248.02-4 (bug #1093912)
 	NOTE: 450.248.02-4 turned the package into a metapackage to aid switching to nvidia-graphics-drivers-tesla-470
 	- nvidia-graphics-drivers-tesla-460 460.106.00-3 (bug #1093913)


=====================================
data/dla-needed.txt
=====================================
@@ -165,6 +165,12 @@ openafs
   NOTE: 20241207: Added by Front-Desk (santiago)
   NOTE: 20250102: Looking at CVE-2024-10394
 --
+openjdk-11 (Emilio)
+  NOTE: 20250129: Added by Front-Desk (pochu)
+--
+openjdk-17 (Emilio)
+  NOTE: 20250129: Added by Front-Desk (pochu)
+--
 openjpeg2 (Markus Koschany)
   NOTE: 20250105: Added by Front-Desk (apo)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b91dcaa3ef19d0ac49a85f121883ef093f78e872...d6a891687951f1bcfc4d445bdbe6c6a705f098e5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/b91dcaa3ef19d0ac49a85f121883ef093f78e872...d6a891687951f1bcfc4d445bdbe6c6a705f098e5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250129/daad14d4/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list