Bug#886852: NVidia driver : upgrade to version 384.111
bluca at debian.org
Thu Jan 11 12:47:30 UTC 2018
On Thu, 2018-01-11 at 12:23 +0100, Julien Aubin wrote:
> Le 11 janv. 2018 12:19, "Luca Boccassi" <bluca at debian.org> a écrit :
> On Wed, 2018-01-10 at 23:58 +0100, Andreas Beckmann wrote:
> > On 2018-01-10 15:25, Luca Boccassi wrote:
> > > I'm a little confused as what their blobs could possible have to
> > > do
> > > with spectre/meltdown to be honest
> > meltdown does not seem to be an issue, but for spectre it is not
> > neccessarily the GPU bits being fixed, but the CPU side of the
> > driver
> > -
> > which can run untrusted user supplied code (e.g. compiling shaders)
> > ...
> > accessing all the browser memory.
> Ah I see, makes sense.
> > > - but in general it sounds like a
> > > good idea to move 384 to stable-p-u, since it's won't be the last
> > > CVE
> > > we get and as you said 375 is dead and buried.
> > >
> > > Andreas, what do you think?
> > Just uploaded to stretch-backports, will need to go through
> > backports-new.
> > Untested on my side - please try it out :-)
> > Andreas
> Thanks, will try it out later tonight and report back - I already had
> manually built a locally merged version and it seemed to work fine so
> don't expect issues.
> Kind regards,
> Luca Boccassi
> If there is something like bpo-new for the bpo repo (as well as
> stable-proposed-updates exists) I would be happy to test as well.
> I prefer avoiding to build the packages myself in order to avoid
> some kind of tainted package
It was accepted into bpo, so you'll be able to install it from stretch-
backports sometimes later today
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 488 bytes
Desc: This is a digitally signed message part
More information about the pkg-nvidia-devel