Hi, I was triaging nvidia-graphics-drivers, as they have a few CVEs open. However, the version in bullseye, version 470.256.02, is no longer supported by nvidia (since July 2024) and there simply not enough information available to actually fix the issues. Therefore I'd suggest to drop support for nvidia-graphics-drivers and add it to debian-security-support. (3 CVEs are fixed in the *tesla* version, src:nvidia-graphics-drivers-tesla-470, 470.256.02-1~deb11u2, of the same driver, and as the driver source seems to be identical with the non tesla one, its possible that those are already fixed in bullseye as well; I've reached out to the maintainer to clarify if this is indeed the case or if I missed something.) Possibly that means that src:nvidia-graphics-drivers-tesla-470 should be added to debian-security-support to indicate that we cant support that either. Appreciating any feedback ;-) -- tobi
Attachment:
signature.asc
Description: PGP signature