Bug#886852: NVidia driver : upgrade to version 384.111

Luca Boccassi bluca at debian.org
Thu Jan 11 11:19:43 UTC 2018

On Wed, 2018-01-10 at 23:58 +0100, Andreas Beckmann wrote:
> On 2018-01-10 15:25, Luca Boccassi wrote:
> > I'm a little confused as what their blobs could possible have to do
> > with spectre/meltdown to be honest
> meltdown does not seem to be an issue, but for spectre it is not
> neccessarily the GPU bits being fixed, but the CPU side of the driver
> -
> which can run untrusted user supplied code (e.g. compiling shaders)
> ...
> that could be comparable to the sandboxed javascript in the browser
> accessing all the browser memory.

Ah I see, makes sense.

> > - but in general it sounds like a
> > good idea to move 384 to stable-p-u, since it's won't be the last
> > CVE
> > we get and as you said 375 is dead and buried.
> > 
> > Andreas, what do you think?
> Just uploaded to stretch-backports, will need to go through
> backports-new.
> Untested on my side - please try it out :-)
> Andreas

Thanks, will try it out later tonight and report back - I already had
manually built a locally merged version and it seemed to work fine so I
don't expect issues.

Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-nvidia-devel/attachments/20180111/36588e86/attachment.sig>

More information about the pkg-nvidia-devel mailing list