Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 869836@bugs.debian.org
Subject: Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sun, 30 Jul 2017 23:58:44 +0100
Message-id: <[🔎] 1501455524.18520.1.camel@gmail.com>
Reply-to: Luca Boccassi <luca.boccassi@gmail.com>, 869836@bugs.debian.org
In-reply-to: <[🔎] 1501454679.29960.54.camel@adam-barratt.org.uk>
References: <[🔎] 1501105880.5303.10.camel@gmail.com> <[🔎] 1501452266.29960.49.camel@adam-barratt.org.uk> <[🔎] 1501453176.653.1.camel@gmail.com> <[🔎] 1501453394.653.3.camel@gmail.com> <[🔎] 1501454679.29960.54.camel@adam-barratt.org.uk>

On Sun, 2017-07-30 at 23:44 +0100, Adam D. Barratt wrote:
> On Sun, 2017-07-30 at 23:23 +0100, Luca Boccassi wrote:
> > On Sun, 2017-07-30 at 23:19 +0100, Luca Boccassi wrote:
> > > Control: tags -1 - moreinfo
> > > 
> > > On Sun, 2017-07-30 at 23:04 +0100, Adam D. Barratt wrote:
> > > > Control: tags -1 + moreinfo
> > > > 
> > > > On Wed, 2017-07-26 at 22:51 +0100, Luca Boccassi wrote:
> > > > > The non-free proprietary nvidia-graphics-drivers version
> > > > > 375.66
> > > > > in
> > > > > Stretch is affected by CVE-2017-6257 and CVE-2017-6259.
> > > > > Debian
> > > > > bug:
> > > > > 
> > > > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869783
> > > > > 
> > > > > Please consider allowing the new upstream version 375.82,
> > > > > which
> > > > > fixes
> > > > > these CVEs, in proposed-updates. As usual with these
> > > > > proprietary
> > > > > drivers, we cannot just cherry-pick the fixes for the CVEs as
> > > > > they
> > > > > are
> > > > > in the binary blobs.
> > > > > 
> > > > > I have tested this new version on a Stretch amd64 desktop and
> > > > > didn't
> > > > > encounter any issue.
> > > > > 
> > > > > The debdiff from 375.66-2~deb9u1 to 375.82-1 is attached.
> > > > 
> > > > While I'm sure it's probably fine, could we have a diff of the
> > > > proposed
> > > > 375.82-1~deb9u1, as built and tested on stretch, please?
> 
> [...]
> > > There were no changes when I opened the bug apart from the new
> > > changelog entry.
> > > 
> > > Andreas has since committed 2 small fixes to the changelog as
> > > well,
> > > inlined, just minor clarifications. I still find the way upstream
> > > compiles their changelog quite confusing and often make mistakes
> > > when
> > > copying over :-)
> > > 
> > > Kind regards,
> > > Luca Boccassi
> > 
> > To further clarify, the debdiff I attached originally is the one
> > from
> > the source I built and tested on Stretch.
> 
> That's rather confusing, given that it had the changelog set to
> "unstable"...
> 
> Regards,
> 
> Adam

It was confusing, sorry about that.

It was a local build from SVN on my Stretch machine to test it, so I
hadn't updated the changelog with the stable entry yet.

Kind regards,
Luca Boccassi

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

References:
- Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
  - From: Luca Boccassi <luca.boccassi@gmail.com>
- Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
  - From: Luca Boccassi <luca.boccassi@gmail.com>
- Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
  - From: Luca Boccassi <luca.boccassi@gmail.com>
- Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Next by Date: Bug#866045: let this be for 1.5-13+deb9u1
Previous by thread: Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Next by thread: Processed: Re: Bug#869836: stretch-pu: package nvidia-graphics-drivers/375.82-1~deb9u1
Index(es):
- Date
- Thread