Bug#668780: pu: package nvidia-graphics-drivers/195.36.31-6squeeze1
Andreas Beckmann
debian at abeckmann.de
Sat Apr 14 10:57:58 UTC 2012
Package: release.debian.org
Severity: normal
User: release.debian.org at packages.debian.org
Usertags: pu
Dear release managers,
we would like to update the nvidia-graphics-drivers [non-free] package
in squeeze. There are two security patches from NVIDIA to be applied,
but since there is no security support for non-free, we target s-p-u.
Furthermore I updated bug-script and bug-control to collect more useful
information in bug reports.
* Security fix (backported from 195.36.31-7). (Closes: #609338)
Apply upstream patch NVIDIA_kernel-260.19.34-778465.diff to fix
information leak in the kernel module: kernel memory was returned
uninitialized to user space.
* CVE-2012-0946 (backported from 295.40-1):
Add upstream patch nvidia-blacklist-register-mapping-195.diff:
Closed a security vulnerability which made it possible for attackers to
reconfigure GPUs to gain access to arbitrary system memory. For further
details, see: http://nvidia.custhelp.com/app/answers/detail/a_id/3109
* Let the bug-script collect detailed information about OpenGL and NVIDIA
libraries and their symlinks, diversions and alternatives currently found
on the system. Also list files remaining from using the nvidia-installer.
Report status of more related packages.
As a followup to this update the nvidia-graphics-modules package
(prebuilt binary kernel modules) needs to be updated, too.
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 195.36.31-6squeeze1.diff
Type: text/x-diff
Size: 10804 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-nvidia-devel/attachments/20120414/dd58b525/attachment.diff>
More information about the pkg-nvidia-devel
mailing list