Bug#863515: CVE-2017-0350 CVE-2017-0351 CVE-2017-0352
Luca Boccassi
luca.boccassi at gmail.com
Sun May 28 12:16:32 UTC 2017
On Sun, 2017-05-28 at 13:06 +0200, Moritz Mühlenhoff wrote:
> On Sun, May 28, 2017 at 12:00:20PM +0100, Luca Boccassi wrote:
> > On Sat, 2017-05-27 at 23:18 +0200, Moritz Muehlenhoff wrote:
> > > Source: nvidia-graphics-drivers
> > > Severity: grave
> > > Tags: security
> > >
> > > Please see http://nvidia.custhelp.com/app/answers/detail/a_id/446
> > > 2
> > >
> > > Cheers,
> > > Moritz
> >
> > Thanks for the heads-up.
> >
> > 375.66 has the fix and it's ready to go, was waiting for the
> > testing
> > freeze to be lifted but instead now I'll mention the CVEs in the
> > changelog and upload to sid, and ask for an exception for the
> > migration.
> >
> > Upstream mentions fixes only for 375 and 381, so I assume 304 and
> > 340
> > are unaffected, therefore I believe no action is required for
> > oldstable
> > and stable (jessie-backports will need an upload after 375.66 is in
> > testing, but was going to do it anyway).
>
> Ok, I've updated the Debian security tracker.
>
> Cheers,
> Moritz
Thanks.
The new version is in unstable, and I filed a request to unblock
migration to stretch:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863549
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-nvidia-devel/attachments/20170528/fe196c92/attachment.sig>
More information about the pkg-nvidia-devel
mailing list