Debian Security Advisory

DSA-2704-1 mesa -- out of bounds access

Date Reported:
09 Jun 2013
Affected Packages:
mesa
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2013-1872.
More information:

It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets.

The oldstable distribution (squeeze) is not affected by this problem.

For the stable distribution (wheezy), this problem has been fixed in version 8.0.5-4+deb7u2.

For the unstable distribution (sid), this problem has been fixed in version 8.0.5-7.

We recommend that you upgrade your mesa packages.