openSUSE-SU-2013:0865-1: moderate: Mesa: security and bugfix update

6 Jun 2013

      openSUSE Security Update: Mesa: security and bugfix update
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:0865-1
Rating:             moderate
References:         #814947 #815451 #821855 
Cross-References:   CVE-2013-1993
Affected Products:
                    openSUSE 12.2
______________________________________________________________________________

   An update that solves one vulnerability and has two fixes
   is now available.

Description:

   This Mesa update fixes the following security bug:
   CVE-2013-1993: Integer overflows in XF86DRIOpenConnection
   and XF86DRIGetClientDriverName were fixed that could lead
   to client crashes when using a malicious X server.

   This update fixes the following issue for Mesa on openSUSE
   12.3:
   - bnc#814947, fdo#62141: Make sure we do render between two
   hiz flushes

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.2:

      zypper in -t patch openSUSE-2013-366

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 12.2 (i586 x86_64):

      Mesa-8.0.4-20.23.1
      Mesa-debuginfo-8.0.4-20.23.1
      Mesa-debugsource-8.0.4-20.23.1
      Mesa-devel-8.0.4-20.23.1
      Mesa-libEGL-devel-8.0.4-20.23.1
      Mesa-libEGL1-8.0.4-20.23.1
      Mesa-libEGL1-debuginfo-8.0.4-20.23.1
      Mesa-libGL-devel-8.0.4-20.23.1
      Mesa-libGL1-8.0.4-20.23.1
      Mesa-libGL1-debuginfo-8.0.4-20.23.1
      Mesa-libGLESv1_CM-devel-8.0.4-20.23.1
      Mesa-libGLESv1_CM1-8.0.4-20.23.1
      Mesa-libGLESv1_CM1-debuginfo-8.0.4-20.23.1
      Mesa-libGLESv2-2-8.0.4-20.23.1
      Mesa-libGLESv2-2-debuginfo-8.0.4-20.23.1
      Mesa-libGLESv2-devel-8.0.4-20.23.1
      Mesa-libGLU-devel-8.0.4-20.23.1
      Mesa-libGLU1-8.0.4-20.23.1
      Mesa-libGLU1-debuginfo-8.0.4-20.23.1
      Mesa-libIndirectGL1-8.0.4-20.23.1
      Mesa-libIndirectGL1-debuginfo-8.0.4-20.23.1
      Mesa-libglapi0-8.0.4-20.23.1
      Mesa-libglapi0-debuginfo-8.0.4-20.23.1
      libOSMesa8-8.0.4-20.23.1
      libOSMesa8-debuginfo-8.0.4-20.23.1
      libXvMC_nouveau-8.0.4-20.23.1
      libXvMC_nouveau-debuginfo-8.0.4-20.23.1
      libXvMC_r300-8.0.4-20.23.1
      libXvMC_r300-debuginfo-8.0.4-20.23.1
      libXvMC_r600-8.0.4-20.23.1
      libXvMC_r600-debuginfo-8.0.4-20.23.1
      libXvMC_softpipe-8.0.4-20.23.1
      libXvMC_softpipe-debuginfo-8.0.4-20.23.1
      libgbm-devel-0.0.0-20.23.1
      libgbm1-0.0.0-20.23.1
      libgbm1-debuginfo-0.0.0-20.23.1
      libvdpau_nouveau-8.0.4-20.23.1
      libvdpau_nouveau-debuginfo-8.0.4-20.23.1
      libvdpau_r300-8.0.4-20.23.1
      libvdpau_r300-debuginfo-8.0.4-20.23.1
      libvdpau_r600-8.0.4-20.23.1
      libvdpau_r600-debuginfo-8.0.4-20.23.1
      libvdpau_softpipe-8.0.4-20.23.1
      libvdpau_softpipe-debuginfo-8.0.4-20.23.1
      libxatracker-devel-1.0.0-20.23.1
      libxatracker1-1.0.0-20.23.1
      libxatracker1-debuginfo-1.0.0-20.23.1

   - openSUSE 12.2 (x86_64):

      Mesa-32bit-8.0.4-20.23.1
      Mesa-debuginfo-32bit-8.0.4-20.23.1
      Mesa-devel-32bit-8.0.4-20.23.1
      Mesa-libEGL-devel-32bit-8.0.4-20.23.1
      Mesa-libEGL1-32bit-8.0.4-20.23.1
      Mesa-libEGL1-debuginfo-32bit-8.0.4-20.23.1
      Mesa-libGL-devel-32bit-8.0.4-20.23.1
      Mesa-libGL1-32bit-8.0.4-20.23.1
      Mesa-libGL1-debuginfo-32bit-8.0.4-20.23.1
      Mesa-libGLESv1_CM-devel-32bit-8.0.4-20.23.1
      Mesa-libGLESv1_CM1-32bit-8.0.4-20.23.1
      Mesa-libGLESv1_CM1-debuginfo-32bit-8.0.4-20.23.1
      Mesa-libGLESv2-2-32bit-8.0.4-20.23.1
      Mesa-libGLESv2-2-debuginfo-32bit-8.0.4-20.23.1
      Mesa-libGLESv2-devel-32bit-8.0.4-20.23.1
      Mesa-libGLU-devel-32bit-8.0.4-20.23.1
      Mesa-libGLU1-32bit-8.0.4-20.23.1
      Mesa-libGLU1-debuginfo-32bit-8.0.4-20.23.1
      Mesa-libIndirectGL1-32bit-8.0.4-20.23.1
      Mesa-libIndirectGL1-debuginfo-32bit-8.0.4-20.23.1
      Mesa-libglapi0-32bit-8.0.4-20.23.1
      Mesa-libglapi0-debuginfo-32bit-8.0.4-20.23.1
      libOSMesa8-32bit-8.0.4-20.23.1
      libOSMesa8-debuginfo-32bit-8.0.4-20.23.1
      libXvMC_nouveau-32bit-8.0.4-20.23.1
      libXvMC_nouveau-debuginfo-32bit-8.0.4-20.23.1
      libXvMC_r300-32bit-8.0.4-20.23.1
      libXvMC_r300-debuginfo-32bit-8.0.4-20.23.1
      libXvMC_r600-32bit-8.0.4-20.23.1
      libXvMC_r600-debuginfo-32bit-8.0.4-20.23.1
      libXvMC_softpipe-32bit-8.0.4-20.23.1
      libXvMC_softpipe-debuginfo-32bit-8.0.4-20.23.1
      libgbm-devel-32bit-0.0.0-20.23.1
      libgbm1-32bit-0.0.0-20.23.1
      libgbm1-debuginfo-32bit-0.0.0-20.23.1
      libvdpau_nouveau-32bit-8.0.4-20.23.1
      libvdpau_nouveau-debuginfo-32bit-8.0.4-20.23.1
      libvdpau_r300-32bit-8.0.4-20.23.1
      libvdpau_r300-debuginfo-32bit-8.0.4-20.23.1
      libvdpau_r600-32bit-8.0.4-20.23.1
      libvdpau_r600-debuginfo-32bit-8.0.4-20.23.1
      libvdpau_softpipe-32bit-8.0.4-20.23.1
      libvdpau_softpipe-debuginfo-32bit-8.0.4-20.23.1

References:

   http://support.novell.com/security/cve/CVE-2013-1993.html
   https://bugzilla.novell.com/814947
   https://bugzilla.novell.com/815451
   https://bugzilla.novell.com/821855

openSUSE-SU-2013:0865-1: moderate: Mesa: security and bugfix update

opensuse-security＠opensuse.org