| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 9 Jun 2013 23:52:48 +0200 From: Raphael Geissert <geissert@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 2704-1] mesa security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2704-1 security@...ian.org http://www.debian.org/security/ Raphael Geissert June 09, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mesa Vulnerability : out of bounds access Problem type : remote Debian-specific: no CVE ID : CVE-2013-1872 It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. The oldstable distribution (squeeze) is not affected by this problem. For the stable distribution (wheezy), this problem has been fixed in version 8.0.5-4+deb7u2. For the unstable distribution (sid), this problem has been fixed in version 8.0.5-7. We recommend that you upgrade your mesa packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlG0+TEACgkQYy49rUbZzlqRZACfQkGTJ24Ee4N5PH2hVzic0vRu tkYAnRS15FAeP44cbM4AVf0H19K0Rxhi =LqZn -----END PGP SIGNATURE-----
Powered by blists - more mailing lists