Oval Definition:oval:com.redhat.rhsa:def:20130897
Revision Date:2013-06-03Version:637
Title:RHSA-2013:0897: mesa security update (Important)
Description:Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.

  • An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-1872)

  • It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-1993)

    All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2013-1872
    CVE-2013-1872
    CVE-2013-1993
    CVE-2013-1993
    RHSA-2013:0897
    RHSA-2013:0897-01
    RHSA-2013:0897-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • glx-utils is earlier than 0:9.0-0.8.el6_4.3
  • AND glx-utils is signed with Red Hat redhatrelease2 key
  • mesa-demos is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-demos is signed with Red Hat redhatrelease2 key
  • mesa-dri-drivers is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-dri-drivers is signed with Red Hat redhatrelease2 key
  • mesa-dri-filesystem is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-dri-filesystem is signed with Red Hat redhatrelease2 key
  • mesa-libGL is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-libGL is signed with Red Hat redhatrelease2 key
  • mesa-libGL-devel is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-libGL-devel is signed with Red Hat redhatrelease2 key
  • mesa-libGLU is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-libGLU is signed with Red Hat redhatrelease2 key
  • mesa-libGLU-devel is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-libGLU-devel is signed with Red Hat redhatrelease2 key
  • mesa-libOSMesa is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-libOSMesa is signed with Red Hat redhatrelease2 key
  • mesa-libOSMesa-devel is earlier than 0:9.0-0.8.el6_4.3
  • AND mesa-libOSMesa-devel is signed with Red Hat redhatrelease2 key
    • BACK