/[advisories]/10569.adv
ViewVC logotype

Contents of /10569.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 102 - (show annotations) (download)
Wed Jun 26 19:04:02 2013 UTC (3 years, 10 months ago) by boklm
File size: 1017 byte(s)
MGASA-2013-0190
1 type: security
2 subject: Updated mesa packages fix multiple vulnerabilties
3 CVE:
4 - CVE-2013-1872
5 - CVE-2013-1993
6 src:
7 2:
8 core:
9 - mesa-8.0.5-1.1.mga2
10 tainted:
11 - mesa-8.0.5-1.1.mga2.tainted
12 description: |
13 An out-of-bounds access flaw was found in Mesa. If an application using
14 Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does
15 this), an attacker could cause the application to crash or, potentially,
16 execute arbitrary code with the privileges of the user running the
17 application (CVE-2013-1872).
18
19 It was found that Mesa did not correctly validate messages from the X
20 server. A malicious X server could cause an application using Mesa to
21 crash or, potentially, execute arbitrary code with the privileges of the
22 user running the application (CVE-2013-1993).
23 references:
24 - http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
25 - https://rhn.redhat.com/errata/RHSA-2013-0897.html
26 - https://bugs.mageia.org/show_bug.cgi?id=10569
27 ID: MGASA-2013-0190

  ViewVC Help
Powered by ViewVC 1.1.26