| Summary: | Mesa: fix for different version tainted/core, CVE-2012-2864 fix pending... | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Hans Micheelsen <micheelsen> |
| Component: | Security | Assignee: | Mageia Bug Squad <bugsquad> |
| Status: | RESOLVED DUPLICATE | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | anssi.hannula, dmorganec, frateraec, fundawang, hhielscher, lemonzest, luigiwalser, mageia, pterjan, thierry.vignaud, tmb |
| Version: | 2 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.mesa3d.org/relnotes-8.0.3.html | ||
| Whiteboard: | |||
| Source RPM: | mesa-8.0.2-2.mga2.src.rpm | CVE: | |
| Status comment: | |||
|
Description
Hans Micheelsen
2012-07-03 19:54:18 CEST
Please commiter, note that we have 8.0.2-2.mga2 in core, and 8.0-1.mga2.tainted in tainted so we need anyway an update for fix that ihmo CC:
(none) =>
anssi.hannula, dmorganec, fundawang, mageia, pterjan, thierry.vignaud, tmb Yes I noticed there is conflicting versions of mesa and mesa-tainted. And I second an update to this new 8.0.3 version. thanks Simon/Lemonzest CC:
(none) =>
lemonzest
Helge Hielscher
2012-07-23 16:50:10 CEST
CC:
(none) =>
hhielscher
Manuel Hiebel
2012-08-05 00:48:39 CEST
Summary:
Update request: Bug fix release of mesa available =>
Update request: Bug fix release of mesa available (fix for different version tainted/core) 8.0.4 is out now
Thierry Vignaud
2012-08-13 11:50:21 CEST
Keywords:
(none) =>
Junior_job Why is mesa in tainted? Do we have a list of IP-issues? Just look at its description, it's explained. It's mainly about compressed textures which use S3TC format which is patented. Hence it's not done in mesa but in txc-dxtn library which in tainted. The tainted build of mesa just pull this library in order to enable support for compressed textures. Tainted has float buffer support, s3tc seems to be in the non-tainted build (using it with lib64xtc and its working fine), float textures are a requirement for opengl 3.0 + and is patented :( So there is a need for a tainted version. At least for the next 20 years. But still those two versions should be of the same version. Is there any reason for them not to be of the same version? No. The one who updated it last forgot to do it. Anyway, anybody can push the mesa-8.0.4 into */update_testing there is also a CVE-2012-2864 being discussed upstream: http://www.mail-archive.com/mesa-dev@lists.freedesktop.org/msg25207.html https://bugzilla.redhat.com/show_bug.cgi?id=851006 Keywords:
Junior_job =>
(none) I need update for my tainted mesa version to Mageia 2 x86_64, because some features chromium-browser don't work with the core version. CC:
(none) =>
frateraec I've uploaded 8.0.4 to both core & tainted's updates_testing
Thierry Vignaud
2012-09-07 09:54:19 CEST
Blocks:
(none) =>
7381 I installed 8.0.4 tainted for test! Mageia 2 x86_64
David Walser
2012-09-07 13:31:15 CEST
Blocks:
7381 =>
(none) This bug is a mix of several different issues. The update for Mageia 2 is now in Bug 7381. We'll leave this bug for the issues in Cauldron. CC:
(none) =>
luigiwalser (In reply to comment #13) > This bug is a mix of several different issues. > > The update for Mageia 2 is now in Bug 7381. > > We'll leave this bug for the issues in Cauldron. This one has _nothing_ what so ever to do with Cauldron, it ia a Mga2 only issue (including the CVE), was tracked and will be resolved with the mesa update goining out... Version:
Cauldron =>
2 (In reply to comment #14) > (In reply to comment #13) > > This bug is a mix of several different issues. > > > > The update for Mageia 2 is now in Bug 7381. > > > > We'll leave this bug for the issues in Cauldron. > > This one has _nothing_ what so ever to do with Cauldron, > it ia a Mga2 only issue (including the CVE), was tracked > and will be resolved with the mesa update goining out... Just goes to show how confusing this bug is. I thought it said the core/tainted version mismatch also affected Cauldron. I don't believe the CVE is fixed in Cauldron, but if you don't want a bug for that, then this is just a duplicate now. *** This bug has been marked as a duplicate of bug 7381 *** Status:
NEW =>
RESOLVED (In reply to comment #15) > Just goes to show how confusing this bug is. I thought it said the > core/tainted version mismatch also affected Cauldron. Well, a cauldron only mismatch is usually detected pretty fast, and will simply be re-submitted when needed... > I don't believe the CVE > is fixed in Cauldron, but if you don't want a bug for that, then this is just a > duplicate now. > It's fixed in the current snapshot waiting to be built: mesa-9.0.0-0.git20120906.1.mga3 |