Bug#886852: NVidia driver : upgrade to version 384.111
Julien Aubin
julien.aubin at gmail.com
Thu Jan 11 11:23:19 UTC 2018
Le 11 janv. 2018 12:19, "Luca Boccassi" <bluca at debian.org> a écrit :
On Wed, 2018-01-10 at 23:58 +0100, Andreas Beckmann wrote:
> On 2018-01-10 15:25, Luca Boccassi wrote:
> > I'm a little confused as what their blobs could possible have to do
> > with spectre/meltdown to be honest
>
> meltdown does not seem to be an issue, but for spectre it is not
> neccessarily the GPU bits being fixed, but the CPU side of the driver
> -
> which can run untrusted user supplied code (e.g. compiling shaders)
> ...
> that could be comparable to the sandboxed javascript in the browser
> accessing all the browser memory.
Ah I see, makes sense.
> > - but in general it sounds like a
> > good idea to move 384 to stable-p-u, since it's won't be the last
> > CVE
> > we get and as you said 375 is dead and buried.
> >
> > Andreas, what do you think?
>
> Just uploaded to stretch-backports, will need to go through
> backports-new.
> Untested on my side - please try it out :-)
>
>
> Andreas
Thanks, will try it out later tonight and report back - I already had
manually built a locally merged version and it seemed to work fine so I
don't expect issues.
--
Kind regards,
Luca Boccassi
Hi
If there is something like bpo-new for the bpo repo (as well as
stable-proposed-updates exists) I would be happy to test as well.
I prefer avoiding to build the packages myself in order to avoid building
some kind of tainted package
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-nvidia-devel/attachments/20180111/4a12d191/attachment.html>
More information about the pkg-nvidia-devel
mailing list