-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2704-1 security@debian.org http://www.debian.org/security/ Raphael Geissert June 09, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mesa Vulnerability : out of bounds access Problem type : remote Debian-specific: no CVE ID : CVE-2013-1872 It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. The oldstable distribution (squeeze) is not affected by this problem. For the stable distribution (wheezy), this problem has been fixed in version 8.0.5-4+deb7u2. For the unstable distribution (sid), this problem has been fixed in version 8.0.5-7. We recommend that you upgrade your mesa packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlG0+TEACgkQYy49rUbZzlqRZACfQkGTJ24Ee4N5PH2hVzic0vRu tkYAnRS15FAeP44cbM4AVf0H19K0Rxhi =LqZn -----END PGP SIGNATURE-----