| Summary: | mesa new security issue CVE-2012-2864 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | critical | ||
| Priority: | Normal | CC: | alien, davidwhodgins, frateraec, mageia, micheelsen, sysadmin-bugs, thierry.vignaud, tmb |
| Version: | 2 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/515151/ | ||
| Whiteboard: | MGA2-64-OK MGA2-32-OK | ||
| Source RPM: | mesa-8.0.2-2.mga2.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | 2317 | ||
| Bug Blocks: | |||
|
Description
David Walser
2012-09-06 23:04:49 CEST
David Walser
2012-09-06 23:05:00 CEST
CC:
(none) =>
mageia Note to self to submit the build to tainted as well.
David Walser
2012-09-06 23:19:08 CEST
Severity:
normal =>
major Patched package uploaded for Mageia 2. Advisory: ======================== Updated mesa packages fix security vulnerability: The glsl shaders are vulnerable to a buffer overrun in parcel_out_uniform_storage::visit_field. When too many uniforms are used, the error will now be caught in check_resources (src/glsl/linker.cpp) (CVE-2012-2864). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2864 http://lists.opensuse.org/opensuse-updates/2012-09/msg00036.html ======================== Updated packages in {core,tainted}/updates_testing: ======================== mesa-8.0.2-2.1.mga2 libmesagl1-8.0.2-2.1.mga2 libdri-drivers-8.0.2-2.1.mga2 libmesagl1-devel-8.0.2-2.1.mga2 libmesaglu1-8.0.2-2.1.mga2 libmesaglu1-devel-8.0.2-2.1.mga2 libmesaegl1-8.0.2-2.1.mga2 libmesaegl1-devel-8.0.2-2.1.mga2 libglapi0-8.0.2-2.1.mga2 libglapi0-devel-8.0.2-2.1.mga2 libmesaglesv1_1-8.0.2-2.1.mga2 libmesaglesv1_1-devel-8.0.2-2.1.mga2 libmesaglesv2_2-8.0.2-2.1.mga2 libmesaglesv2_2-devel-8.0.2-2.1.mga2 libmesaopenvg1-8.0.2-2.1.mga2 libmesaopenvg1-devel-8.0.2-2.1.mga2 libgbm1-8.0.2-2.1.mga2 libgbm1-devel-8.0.2-2.1.mga2 libwayland-egl1-8.0.2-2.1.mga2 libwayland-egl1-devel-8.0.2-2.1.mga2 mesa-common-devel-8.0.2-2.1.mga2 from mesa-8.0.2-2.1.mga2.src.rpm Assignee:
bugsquad =>
qa-bugs I've updated it to 8.0.4 to both core & tainted's updates_testing (many bug fixes and only that) http://mesa3d.org/relnotes-8.0.3.html http://cgit.freedesktop.org/mesa/mesa/plain/docs/relnotes-8.0.4.html CC:
(none) =>
thierry.vignaud (In reply to comment #3) > I've updated it to 8.0.4 to both core & tainted's updates_testing (many bug > fixes and only that) Thanks. You forgot to remove the subrel and set the release tag back to 1.
David Walser
2012-09-07 13:31:15 CEST
Depends on:
6674 =>
(none) I installed 8.0.4 tainted for test! Mageia 2 x86_64 CC:
(none) =>
frateraec
Thomas Backlund
2012-09-07 13:47:09 CEST
Blocks:
(none) =>
6674 *** Bug 6674 has been marked as a duplicate of this bug. *** Blocks:
6674 =>
(none) Why lib64mesaglw1 is at version 7.11.2-5.mga2.tainted yet? Source: mesa-7.11.2-5.mga2.tainted.src.rpm No longer exists this package in versions 8.0.x? There is no libmesaglw1 provided by this package, so I guess it should have been Obsoleted. Does any package depend on libmesaglw1? Apparently is the only package that supports: "GLw adds Motif bindings to the OpenGL "canvas" (Xt/Motif/OpenGL widget code)." I just checked, and there is no libmesaglw1 package in Mageia 2. It must be a leftover on your system from Mageia 1. You should be able to safely remove it. As a matter of fact, nothing required it in Mageia 1 either. No, it is in the repository Mageia 2 Yes, see: http://pkgs.org/search/?keyword=libmesaglw1&search_on=name&distro=118&arch=32-bit or http://mirror.yandex.ru/mageia/distrib/2/i586/media/tainted/release/libmesaglw1-7.11.2-5.mga2.tainted.i586.rpm Browse the repository Tainted Release (distrib21) and you will find the package libmesaglw1 in Mageia 2! Ahh, well it's not in core, so it should have been deleted from tainted before the release. Testing complete on Mageia 2 x86-64. Just testing that speed-dreams works. CC:
(none) =>
davidwhodgins Testing complete on Mageia 2 i586. Could someone from the sysadmin team push the srpm mesa-8.0.4-2.1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates and the srpm mesa-8.0.4-2.1.mga2.tainted.src.rpm from Tainted Updates Testing to Tainted Updates. Advisory: Updated mesa packages fix security vulnerability: The glsl shaders are vulnerable to a buffer overrun in parcel_out_uniform_storage::visit_field. When too many uniforms are used, the error will now be caught in check_resources (src/glsl/linker.cpp) (CVE-2012-2864). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2864 http://lists.opensuse.org/opensuse-updates/2012-09/msg00036.html https://bugs.mageia.org/show_bug.cgi?id=7381 Keywords:
(none) =>
validated_update Addendum to the advisory: Additionally, Mesa has been updated to 8.0.4, fixing several bugs. References: http://mesa3d.org/relnotes-8.0.3.html http://cgit.freedesktop.org/mesa/mesa/plain/docs/relnotes-8.0.4.html Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0264 Status:
NEW =>
RESOLVED i'm afraid that lib64mesagl1 seems to require lib64txc-dxtn (only 64bit does that for some weird reason) this breaks updates... Status:
RESOLVED =>
REOPENED Would this be the core or tainted version? I guess that means it will require linking. Problems reported with updates to tainted, adding bug 2317 to depends and running through depcheck Status:
REOPENED =>
RESOLVED Sorry, didn't mean to close it Status:
RESOLVED =>
REOPENED The problems seem to stem from an update from Tainted Release to Tainted Updates. Heres the list.. glibc-devel-2.14.1-8.mga2 (Core 32bit Release) glibc-devel-2.14.1-8.mga2 (Core Release) lib64drm-devel-2.4.33-1.mga2 (Core Release) lib64ffi5-devel-3.0.10-1.mga2 (Core Release) lib64kms1-2.4.33-1.mga2 (Core Release) lib64pciaccess-devel-0.13-1.mga2 (Core Release) lib64uClibc-devel-0.9.30.3-2.mga1 (Core Release) lib64udev0-devel-181-8.mga2 (Core Release) lib64wayland-client0-0.85.0-4.mga2 (Core Release) lib64wayland-devel-0.85.0-4.mga2 (Core Release) lib64wayland-server0-0.85.0-4.mga2 (Core Release) lib64x11_6-devel-1.4.99.1-4.mga2 (Core Release) lib64xau6-devel-1.0.7-1.mga2 (Core Release) lib64xcb-composite0-1.8.1-1.mga2 (Core Release) lib64xcb-damage0-1.8.1-1.mga2 (Core Release) lib64xcb-devel-1.8.1-1.mga2 (Core Release) lib64xcb-dpms0-1.8.1-1.mga2 (Core Release) lib64xcb-randr0-1.8.1-1.mga2 (Core Release) lib64xcb-record0-1.8.1-1.mga2 (Core Release) lib64xcb-render0-1.8.1-1.mga2 (Core Release) lib64xcb-res0-1.8.1-1.mga2 (Core Release) lib64xcb-screensaver0-1.8.1-1.mga2 (Core Release) lib64xcb-shape0-1.8.1-1.mga2 (Core Release) lib64xcb-shm0-1.8.1-1.mga2 (Core Release) lib64xcb-sync0-1.8.1-1.mga2 (Core Release) lib64xcb-xevie0-1.8.1-1.mga2 (Core Release) lib64xcb-xf86dri0-1.8.1-1.mga2 (Core Release) lib64xcb-xfixes0-1.8.1-1.mga2 (Core Release) lib64xcb-xinerama0-1.8.1-1.mga2 (Core Release) lib64xcb-xprint0-1.8.1-1.mga2 (Core Release) lib64xcb-xtest0-1.8.1-1.mga2 (Core Release) lib64xcb-xv0-1.8.1-1.mga2 (Core Release) lib64xcb-xvmc0-1.8.1-1.mga2 (Core Release) lib64xdmcp6-devel-1.1.1-1.mga2 (Core Release) libpthread-stubs-0.3-1.mga1 (Core 32bit Release) libpthread-stubs-0.3-1.mga1 (Core Release) x11-proto-devel-7.6-17.mga2 (Core 32bit Release) x11-proto-devel-7.6-17.mga2 (Core Release) (In reply to comment #21) > Heres the list.. I don't see lib64txc-dxtn in that list... (In reply to comment #22) > (In reply to comment #21) > > Heres the list.. > > I don't see lib64txc-dxtn in that list... That's because I already linked it when it was reported on IRC How do I reproduce this problem. Here I upgraded by tainted updates repository normally. (In reply to comment #24) > How do I reproduce this problem. Here I upgraded by tainted updates repository > normally. did you use urpmi ? this problem only shows up with the update applet. Anyway, packages linked... Status:
REOPENED =>
RESOLVED Ok. I updated by drakrpm-update ... |