Login
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in Mesa
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in Mesa
ID: MDVSA-2013:164
Distribution: Mandriva
Plattformen: Mandriva Business Server 1.0
Datum: Di, 14. Mai 2013, 07:58
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5129
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0143
Applikationen: Mesa

Originalnachricht

This is a multi-part message in MIME format...

------------=_1368455952-24900-10

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:164
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : mesa
Date : May 13, 2013
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Updated mesa packages fix security vulnerability:

It was discovered that Mesa incorrectly handled certain arrays. An
attacker could use this issue to cause Mesa to crash, resulting in a
denial of service, or possibly execute arbitrary code (CVE-2012-5129).

Mesa has also been updated to version 8.0.5, fixing several bugs.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5129
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0143
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
cb06a5cac3f9fa3f0d2c866598aa7a36
mbs1/x86_64/lib64dri-drivers-8.0.5-1.mbs1.x86_64.rpm
f2a98f31e037cb3abca4bf4e7add59ba
mbs1/x86_64/lib64gbm1-8.0.5-1.mbs1.x86_64.rpm
3db027f3349da9f87af8e255e7504e1e
mbs1/x86_64/lib64gbm1-devel-8.0.5-1.mbs1.x86_64.rpm
9b0c52329f3c4315a6fe8bcf97bf5bbf
mbs1/x86_64/lib64glapi0-8.0.5-1.mbs1.x86_64.rpm
261c0587b551dc3a2979e5a793bbd438
mbs1/x86_64/lib64glapi0-devel-8.0.5-1.mbs1.x86_64.rpm
9d25805e84c684bdf8aa8f76894403ee
mbs1/x86_64/lib64mesaegl1-8.0.5-1.mbs1.x86_64.rpm
1f961b47739679365dc17c2391430123
mbs1/x86_64/lib64mesaegl1-devel-8.0.5-1.mbs1.x86_64.rpm
14a189a35767f5839f1be2860b28289a
mbs1/x86_64/lib64mesagl1-8.0.5-1.mbs1.x86_64.rpm
8122ce03c2dff2f6a9ae68fe76d228ee
mbs1/x86_64/lib64mesagl1-devel-8.0.5-1.mbs1.x86_64.rpm
3fe4404b1dedd68e95cbbb31a1a8f2b1
mbs1/x86_64/lib64mesaglesv1_1-8.0.5-1.mbs1.x86_64.rpm
def8114e6723ab4464b767e000f3ec84
mbs1/x86_64/lib64mesaglesv1_1-devel-8.0.5-1.mbs1.x86_64.rpm
5977b769f9d51677d6e01144e34a6fd7
mbs1/x86_64/lib64mesaglesv2_2-8.0.5-1.mbs1.x86_64.rpm
277b2b772034d0cf063d8b50e0a1dd48
mbs1/x86_64/lib64mesaglesv2_2-devel-8.0.5-1.mbs1.x86_64.rpm
6280570c002cc5ae435eafc7ef9c7870
mbs1/x86_64/lib64mesaglu1-8.0.5-1.mbs1.x86_64.rpm
3fe7ab22b68cead65df8bb71594f940f
mbs1/x86_64/lib64mesaglu1-devel-8.0.5-1.mbs1.x86_64.rpm
71b6233fe83c13368da65a10ce19be1e
mbs1/x86_64/lib64mesaopenvg1-8.0.5-1.mbs1.x86_64.rpm
034793f6b661a284bce591d85696c0b4
mbs1/x86_64/lib64mesaopenvg1-devel-8.0.5-1.mbs1.x86_64.rpm
14eeccb8ce19479c5b213805c13d7e2a
mbs1/x86_64/lib64wayland-egl1-8.0.5-1.mbs1.x86_64.rpm
234da3b9878104b5f18ae69e91f1e083
mbs1/x86_64/lib64wayland-egl1-devel-8.0.5-1.mbs1.x86_64.rpm
8cf136a1417283b68c3a5647f8737ea7 mbs1/x86_64/mesa-8.0.5-1.mbs1.x86_64.rpm
823a8c551215f69e3314f3feecd7c1f7
mbs1/x86_64/mesa-common-devel-8.0.5-1.mbs1.x86_64.rpm
5b6a05a53bf9ed88bda5359e53506e96 mbs1/SRPMS/mesa-8.0.5-1.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFRkNAPmqjQ0CJFipgRAotZAKDj+mWdMvq4N2THnW2cM+hdL9niVACfXzEo
yl1wawSnTIFwa8gY0rvSNYw=
=/Hxj
-----END PGP SIGNATURE-----


------------=_1368455952-24900-10
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1368455952-24900-10--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung