desktop-packages team mailing list archive

[Marc Deslauriers <marc.deslauriers@xxxxxxxxxxxxx>]

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-304 in Ubuntu.
https://bugs.launchpad.net/bugs/1512414

Title:
  CVE-2015-7869

Status in nvidia-graphics-drivers-304 package in Ubuntu:
  Fix Committed
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  Fix Committed
Status in nvidia-graphics-drivers-352 package in Ubuntu:
  Fix Committed
Status in nvidia-graphics-drivers-304 source package in Precise:
  Fix Released
Status in nvidia-graphics-drivers-340 source package in Precise:
  Fix Released
Status in nvidia-graphics-drivers-304 source package in Trusty:
  Fix Released
Status in nvidia-graphics-drivers-340 source package in Trusty:
  Fix Released
Status in nvidia-graphics-drivers-352 source package in Trusty:
  Fix Released
Status in nvidia-graphics-drivers-304 source package in Vivid:
  Fix Released
Status in nvidia-graphics-drivers-340 source package in Vivid:
  Fix Released
Status in nvidia-graphics-drivers-352 source package in Vivid:
  Fix Released
Status in nvidia-graphics-drivers-304 source package in Wily:
  Fix Released
Status in nvidia-graphics-drivers-340 source package in Wily:
  Fix Released
Status in nvidia-graphics-drivers-352 source package in Wily:
  Fix Released

Bug description:
  The issue is tracked as CVE-2015-7869, “Unsanitized User Mode Input”.
  Note that the security issue is not yet public and Nvidia plans to
  have public disclosure on 11/18/2015. This affects affects nvidia-304
  and later branches.

  The official releases from NVIDIA will be available on 11/16/15. I am
  going to take care of the packaging.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/+bug/1512414/+subscriptions