openSUSE Security Update : Mesa (openSUSE-2013-366)

medium Nessus Plugin ID 74977

Synopsis

The remote openSUSE host is missing a security update.

Description

This Mesa update fixes the following security bug: CVE-2013-1993:
Integer overflows in XF86DRIOpenConnection and XF86DRIGetClientDriverName were fixed that could lead to client crashes when using a malicious X server.

This update fixes the following issue for Mesa on openSUSE 12.3 :

- bnc#814947, fdo#62141: Make sure we do render between two hiz flushes

Solution

Update the affected Mesa packages.

See Also

https://bugs.freedesktop.org/show_bug.cgi?id=62141

https://bugzilla.novell.com/show_bug.cgi?id=814947

https://bugzilla.novell.com/show_bug.cgi?id=815451

https://bugzilla.novell.com/show_bug.cgi?id=821855

https://lists.opensuse.org/opensuse-updates/2013-06/msg00007.html

Plugin Details

Severity: Medium

ID: 74977

File Name: openSUSE-2013-366.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:mesa-libglesv2-2, p-cpe:/a:novell:opensuse:mesa-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libegl-devel, p-cpe:/a:novell:opensuse:mesa-libglapi-devel-32bit, p-cpe:/a:novell:opensuse:mesa-debuginfo, p-cpe:/a:novell:opensuse:libgbm-devel, p-cpe:/a:novell:opensuse:mesa-32bit, p-cpe:/a:novell:opensuse:libxvmc_nouveau-debuginfo-32bit, p-cpe:/a:novell:opensuse:libvdpau_r600-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv2-2-debuginfo, p-cpe:/a:novell:opensuse:libxvmc_softpipe-32bit, p-cpe:/a:novell:opensuse:libosmesa9-debuginfo-32bit, p-cpe:/a:novell:opensuse:libosmesa8-debuginfo, p-cpe:/a:novell:opensuse:libxvmc_nouveau-debuginfo, p-cpe:/a:novell:opensuse:mesa-libgl1, p-cpe:/a:novell:opensuse:libvdpau_nouveau-32bit, p-cpe:/a:novell:opensuse:libxvmc_r600-debuginfo, p-cpe:/a:novell:opensuse:libvdpau_nouveau-debuginfo, p-cpe:/a:novell:opensuse:libvdpau_r600, p-cpe:/a:novell:opensuse:mesa-libgl-devel, p-cpe:/a:novell:opensuse:mesa-libgl1-32bit, p-cpe:/a:novell:opensuse:mesa-libindirectgl1, p-cpe:/a:novell:opensuse:libxvmc_softpipe-debuginfo-32bit, p-cpe:/a:novell:opensuse:libvdpau_softpipe-debuginfo-32bit, p-cpe:/a:novell:opensuse:libxvmc_r600-debuginfo-32bit, p-cpe:/a:novell:opensuse:libvdpau_r300, p-cpe:/a:novell:opensuse:mesa-libglu1-32bit, p-cpe:/a:novell:opensuse:mesa-libglapi0-debuginfo, p-cpe:/a:novell:opensuse:libosmesa-devel, p-cpe:/a:novell:opensuse:libgbm-devel-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv2-devel, p-cpe:/a:novell:opensuse:mesa-libindirectgl1-debuginfo, p-cpe:/a:novell:opensuse:mesa-libegl1-debuginfo, p-cpe:/a:novell:opensuse:mesa-libglesv1_cm-devel-32bit, p-cpe:/a:novell:opensuse:mesa-libindirectgl1-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libegl1, p-cpe:/a:novell:opensuse:libvdpau_r300-debuginfo, p-cpe:/a:novell:opensuse:libxvmc_r300-32bit, p-cpe:/a:novell:opensuse:mesa-libglapi0-32bit, p-cpe:/a:novell:opensuse:libxvmc_r600, p-cpe:/a:novell:opensuse:libosmesa8-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libgl-devel-32bit, p-cpe:/a:novell:opensuse:mesa-libindirectgl-devel-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv1_cm-devel, p-cpe:/a:novell:opensuse:mesa-libegl1-debuginfo-32bit, p-cpe:/a:novell:opensuse:libgbm1-debuginfo, cpe:/o:novell:opensuse:12.2, p-cpe:/a:novell:opensuse:mesa-libegl-devel-32bit, p-cpe:/a:novell:opensuse:mesa-libglu-devel-32bit, p-cpe:/a:novell:opensuse:libgbm1-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libglu1-debuginfo-32bit, p-cpe:/a:novell:opensuse:libosmesa8, p-cpe:/a:novell:opensuse:mesa-libglu1, p-cpe:/a:novell:opensuse:mesa-debugsource, p-cpe:/a:novell:opensuse:mesa-libgl1-debuginfo, p-cpe:/a:novell:opensuse:libgbm1, p-cpe:/a:novell:opensuse:mesa-libegl1-32bit, p-cpe:/a:novell:opensuse:libxvmc_r600-32bit, p-cpe:/a:novell:opensuse:libvdpau_softpipe-debuginfo, p-cpe:/a:novell:opensuse:libvdpau_softpipe, p-cpe:/a:novell:opensuse:libxvmc_softpipe-debuginfo, p-cpe:/a:novell:opensuse:libxvmc_r300-debuginfo, p-cpe:/a:novell:opensuse:libvdpau_softpipe-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv2-2-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libglapi-devel, p-cpe:/a:novell:opensuse:libvdpau_r600-debuginfo, cpe:/o:novell:opensuse:12.3, p-cpe:/a:novell:opensuse:libosmesa-devel-32bit, p-cpe:/a:novell:opensuse:libvdpau_r300-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv2-2-32bit, p-cpe:/a:novell:opensuse:libxvmc_softpipe, p-cpe:/a:novell:opensuse:libxvmc_nouveau, p-cpe:/a:novell:opensuse:mesa-libglesv1_cm1-debuginfo, p-cpe:/a:novell:opensuse:libvdpau_nouveau, p-cpe:/a:novell:opensuse:libxatracker1, p-cpe:/a:novell:opensuse:mesa-libglesv1_cm1, p-cpe:/a:novell:opensuse:mesa-libglesv1_cm1-32bit, p-cpe:/a:novell:opensuse:libvdpau_r300-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libglapi0-debuginfo-32bit, p-cpe:/a:novell:opensuse:libosmesa9-debuginfo, p-cpe:/a:novell:opensuse:libxvmc_r300, p-cpe:/a:novell:opensuse:mesa-libindirectgl1-32bit, p-cpe:/a:novell:opensuse:mesa-libglapi0, p-cpe:/a:novell:opensuse:libosmesa9, p-cpe:/a:novell:opensuse:libvdpau_nouveau-debuginfo-32bit, p-cpe:/a:novell:opensuse:libvdpau_r600-32bit, p-cpe:/a:novell:opensuse:libosmesa8-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv1_cm1-debuginfo-32bit, p-cpe:/a:novell:opensuse:libosmesa9-32bit, p-cpe:/a:novell:opensuse:libxatracker-devel, p-cpe:/a:novell:opensuse:libgbm1-32bit, p-cpe:/a:novell:opensuse:mesa-libindirectgl-devel, p-cpe:/a:novell:opensuse:libxvmc_r300-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-devel, p-cpe:/a:novell:opensuse:mesa-libglu-devel, p-cpe:/a:novell:opensuse:mesa-libgl1-debuginfo-32bit, p-cpe:/a:novell:opensuse:mesa-libglu1-debuginfo, p-cpe:/a:novell:opensuse:mesa, p-cpe:/a:novell:opensuse:libxvmc_nouveau-32bit, p-cpe:/a:novell:opensuse:mesa-devel-32bit, p-cpe:/a:novell:opensuse:mesa-libglesv2-devel-32bit, p-cpe:/a:novell:opensuse:libxatracker1-debuginfo

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 5/29/2013

Reference Information

CVE: CVE-2013-1993