This bug is to handle just the Mesa package for the X.org update for Mageia 2. The ETA of the rest of the X.org packages is unknown.

Advisory:
========================

Updated mesa packages fix security vulnerabilities:

An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-1872).

It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-1993).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
https://rhn.redhat.com/errata/RHSA-2013-0897.html
========================

Updated packages in core/updates_testing:
========================
mesa-8.0.5-1.1.mga2
libmesagl1-8.0.5-1.1.mga2
libdri-drivers-8.0.5-1.1.mga2
libmesagl1-devel-8.0.5-1.1.mga2
libmesaglu1-8.0.5-1.1.mga2
libmesaglu1-devel-8.0.5-1.1.mga2
libmesaegl1-8.0.5-1.1.mga2
libmesaegl1-devel-8.0.5-1.1.mga2
libglapi0-8.0.5-1.1.mga2
libglapi0-devel-8.0.5-1.1.mga2
libmesaglesv1_1-8.0.5-1.1.mga2
libmesaglesv1_1-devel-8.0.5-1.1.mga2
libmesaglesv2_2-8.0.5-1.1.mga2
libmesaglesv2_2-devel-8.0.5-1.1.mga2
libmesaopenvg1-8.0.5-1.1.mga2
libmesaopenvg1-devel-8.0.5-1.1.mga2
libgbm1-8.0.5-1.1.mga2
libgbm1-devel-8.0.5-1.1.mga2
libwayland-egl1-8.0.5-1.1.mga2
libwayland-egl1-devel-8.0.5-1.1.mga2
mesa-common-devel-8.0.5-1.1.mga2

from mesa-8.0.5-1.1.mga2.src.rpm
Blocks: (none) => 10105
Mesa is in both core and tainted, fixing the text below the advisory to reflect that. It is also now actually built for tainted.

Advisory:
========================

Updated mesa packages fix security vulnerabilities:

An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-1872).

It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2013-1993).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993
http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
https://rhn.redhat.com/errata/RHSA-2013-0897.html
========================

Updated packages in {core,tainted}/updates_testing:
========================
mesa-8.0.5-1.1.mga2
libmesagl1-8.0.5-1.1.mga2
libdri-drivers-8.0.5-1.1.mga2
libmesagl1-devel-8.0.5-1.1.mga2
libmesaglu1-8.0.5-1.1.mga2
libmesaglu1-devel-8.0.5-1.1.mga2
libmesaegl1-8.0.5-1.1.mga2
libmesaegl1-devel-8.0.5-1.1.mga2
libglapi0-8.0.5-1.1.mga2
libglapi0-devel-8.0.5-1.1.mga2
libmesaglesv1_1-8.0.5-1.1.mga2
libmesaglesv1_1-devel-8.0.5-1.1.mga2
libmesaglesv2_2-8.0.5-1.1.mga2
libmesaglesv2_2-devel-8.0.5-1.1.mga2
libmesaopenvg1-8.0.5-1.1.mga2
libmesaopenvg1-devel-8.0.5-1.1.mga2
libgbm1-8.0.5-1.1.mga2
libgbm1-devel-8.0.5-1.1.mga2
libwayland-egl1-8.0.5-1.1.mga2
libwayland-egl1-devel-8.0.5-1.1.mga2
mesa-common-devel-8.0.5-1.1.mga2

from mesa-8.0.5-1.1.mga2.src.rpm
Mesa can be tested using some of the demos from the mesa-demos package:

$ urpmf mesa-demos | grep bin

The Tainted version makes use of S3 texture compression, which is patent-encumbered in some areas.
Whiteboard: (none) => has_procedure
No PoCs AFAICT
Testing complete mga2 32
Whiteboard: has_procedure => has_procedure mga2-32-ok
Advisory uploaded
Mga2 64b testing complete
Keywords: (none) => validated_update
Hardware: i586 => All
Whiteboard: has_procedure mga2-32-ok => has_procedure mga2-32-ok mga2-64-ok
CC: (none) => sysadmin-bugs
Removing the validated_update keyword. This one requires testing on multiple types of hardware.
Keywords: validated_update => (none)
CC: (none) => davidwhodgins
Testing complete on x86_64 with a radeon hd5450 using the fglrx driver.
Testing complete on i586 with a radeon hd5450 using the fglrx driver.
Doesn't look like we're going to get more testers updating the bug report. Re-validating the bug report. Could someone from the sysadmin team push the update for mesa? The advisory 10569.adv is ready.
Keywords: (none) => validated_update
mesa was updated to version 9.1 with X.Org updates for bug #10565, and the advisory also includes those 2 CVEs. Should we just close this bug?
CC: (none) => boklm
Ah, this one is for Mageia 2, and bug #10565 only updates mesa on Mageia 3.
This one is just the mesa srpm, where the mga3 update had a full X.org.
http://advisories.mageia.org/MGASA-2013-0190.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
CC: boklm => (none)