Bug#886852: NVidia driver : upgrade to version 384.111
Luca Boccassi
bluca at debian.org
Thu Jan 11 12:47:30 UTC 2018
On Thu, 2018-01-11 at 12:23 +0100, Julien Aubin wrote:
> Le 11 janv. 2018 12:19, "Luca Boccassi" <bluca at debian.org> a écrit :
>
> On Wed, 2018-01-10 at 23:58 +0100, Andreas Beckmann wrote:
> > On 2018-01-10 15:25, Luca Boccassi wrote:
> > > I'm a little confused as what their blobs could possible have to
> > > do
> > > with spectre/meltdown to be honest
> >
> > meltdown does not seem to be an issue, but for spectre it is not
> > neccessarily the GPU bits being fixed, but the CPU side of the
> > driver
> > -
> > which can run untrusted user supplied code (e.g. compiling shaders)
> > ...
> > that could be comparable to the sandboxed javascript in the browser
> > accessing all the browser memory.
>
> Ah I see, makes sense.
>
> > > - but in general it sounds like a
> > > good idea to move 384 to stable-p-u, since it's won't be the last
> > > CVE
> > > we get and as you said 375 is dead and buried.
> > >
> > > Andreas, what do you think?
> >
> > Just uploaded to stretch-backports, will need to go through
> > backports-new.
> > Untested on my side - please try it out :-)
> >
> >
> > Andreas
>
> Thanks, will try it out later tonight and report back - I already had
> manually built a locally merged version and it seemed to work fine so
> I
> don't expect issues.
>
> --
> Kind regards,
> Luca Boccassi
>
>
> Hi
>
> If there is something like bpo-new for the bpo repo (as well as
> stable-proposed-updates exists) I would be happy to test as well.
>
> I prefer avoiding to build the packages myself in order to avoid
> building
> some kind of tainted package
It was accepted into bpo, so you'll be able to install it from stretch-
backports sometimes later today
--
Kind regards,
Luca Boccassi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-nvidia-devel/attachments/20180111/563e5cef/attachment.sig>
More information about the pkg-nvidia-devel
mailing list