From owner-freebsd-ports@FreeBSD.ORG Wed Aug 8 10:34:06 2012 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: by hub.freebsd.org (Postfix, from userid 1033) id 19FA61065670; Wed, 8 Aug 2012 10:34:06 +0000 (UTC) Date: Wed, 8 Aug 2012 10:34:06 +0000 From: Alexey Dokuchaev To: Rainer Hurling Message-ID: <20120808103406.GA56960@FreeBSD.org> References: <501F7A35.5080207@FreeBSD.org> <501FAF5E.6090101@gwdg.de> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <501FAF5E.6090101@gwdg.de> User-Agent: Mutt/1.4.2.1i Cc: freebsd security , Doug Barton , freebsd-ports@FreeBSD.org, Oliver Pinter Subject: Re: [Full-disclosure] nvidia linux binary driver priv escalation exploit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Aug 2012 10:34:06 -0000 On Mon, Aug 06, 2012 at 01:49:50PM +0200, Rainer Hurling wrote: > Am 06.08.2012 10:03 (UTC+1) schrieb Doug Barton: > >On 08/01/2012 05:09, Oliver Pinter wrote: > >>I found this today on FD: > >> > >>http://seclists.org/fulldisclosure/2012/Aug/4 > > > >Apparently this affects us as well. Any news? > > Thanks for the info. I had been not aware of it before. > > NVidia has released a driver version 304.32 for FreeBSD i386 and amd64, > which should remedy these security issues. Luckily, they've released version 295.71 which is on Long Lived Branch. I will update the port shortly. VuXML entry will have to follow separately, as it is unclear whether new CVE number will be assigned or not. ./danfe