MGASA-2012-0264
| Date: | September 10th, 2012 |
| Affected releases: | 2 |
Description:
Updated mesa packages fix security vulnerability:
The glsl shaders are vulnerable to a buffer overrun in
parcel_out_uniform_storage::visit_field. When too many uniforms are used,
the error will now be caught in check_resources (src/glsl/linker.cpp)
(CVE-2012-2864).
Additionally, Mesa has been updated to 8.0.4, fixing several bugs.
Updated Packages:
mesa-8.0.4-2.1.mga2
mesa-common-devel-8.0.4-2.1.mga2
lib(64)dri-drivers-8.0.4-2.1.mga2
lib(64)gbm1-8.0.4-2.1.mga2
lib(64)gbm1-devel-8.0.4-2.1.mga2
lib(64)glapi0-8.0.4-2.1.mga2
lib(64)glapi0-devel-8.0.4-2.1.mga2
lib(64)mesaegl1-8.0.4-2.1.mga2
lib(64)mesaegl1-devel-8.0.4-2.1.mga2
lib(64)mesagl1-8.0.4-2.1.mga2
lib(64)mesagl1-devel-8.0.4-2.1.mga2
lib(64)mesaglesv1_1-8.0.4-2.1.mga2
lib(64)mesaglesv1_1-devel-8.0.4-2.1.mga2
lib(64)mesaglesv2_2-8.0.4-2.1.mga2
lib(64)mesaglesv2_2-devel-8.0.4-2.1.mga2
lib(64)mesaglu1-8.0.4-2.1.mga2
lib(64)mesaglu1-devel-8.0.4-2.1.mga2
lib(64)mesaopenvg1-8.0.4-2.1.mga2
lib(64)mesaopenvg1-devel-8.0.4-2.1.mga2
lib(64)wayland-egl1-8.0.4-2.1.mga2
lib(64)wayland-egl1-devel-8.0.4-2.1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2864
http://lists.opensuse.org/opensuse-updates/2012-09/msg00036.html
http://mesa3d.org/relnotes-8.0.3.html
http://cgit.freedesktop.org/mesa/mesa/plain/docs/relnotes-8.0.4.html
https://bugs.mageia.org/show_bug.cgi?id=7381
