Summary: | <x11-drivers/nvidia-drivers-{384.111,390.12}: Meltdown/Spectre mitigation (CVE-2017-5753) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, hardened, jer, viklevin2 |
Priority: | Normal | Flags: | nattka:
sanity-check-
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://nvidia.custhelp.com/app/answers/detail/a_id/4611/~/security-bulletin%3A-nvidia-gpu-display-driver-security-updates-for-speculative | ||
Whiteboard: | A4 [glsa cve] | ||
Package list: |
x11-drivers/nvidia-drivers-390.12
x11-drivers/nvidia-drivers-384.111
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 643340 |
Description
GLSAMaker/CVETool Bot
2018-01-09 17:23:27 UTC
@ Maintainer(s): Please tell us when we can start stabilization of =x11-drivers/nvidia-drivers-390.12 or CC arches on your own. [Non-]minor note: Any masking which is done should not block 384.111, etc. for hardware which doesn't run on 390.x branch. The maintainer is unlikely to make this mistake even if the CVE bot didn't understand the nuance. (In reply to Thomas Deutschmann from comment #1) > =x11-drivers/nvidia-drivers-390.12 or CC arches on your own. 390.12 is a beta and is not going stable at all. Fixed versions are stable. @maintainer(s), please clean the vulnerable versions or put a mask in place noting the security vulnerability. Unable to check for sanity:
> no match for package: x11-drivers/nvidia-drivers-390.12
Last vulnerable 384 branch ebuilds were dropped March 2018 in bb2396e7bba. Tree clean, too old for GLSA. |