Bug#876414: nvidia-kernel-dkms: security issues CVE-2017-6266, CVE-2017-6267, CVE-2017-6272
Andreas Beckmann
anbe at debian.org
Thu Sep 21 22:15:08 UTC 2017
On 09/21/2017 11:55 PM, Luca Boccassi wrote:
> 3 CVEs affecting the NVIDIA proprietary kernel modules have been
> published [1]:
>
> CVE-2017-6266, CVE-2017-6267, CVE-2017-6272
>
> All affecting only the 384 branch, and fixed in the 384.90 release.
Since NVIDIA published these today, but nothing for the 304xx/340xx
branches, the recent legacy releases don't seem to be relevant security
wise ... so nothing too urgent.
Did you have time to test the 375 trunk packaging on stretch? I think it
should work there out-of-the box after the recent changes ... I'm
thinking about backporting -4 once this reched testing, to get exposure
to a wider audience, since at some point we will need to put a 384 or
375 release with larger packaging changes into stretch-pu.
And thereafter moving to 384 in sid (via 378 and 381 first)
Andreas
More information about the pkg-nvidia-devel
mailing list