7.143. mesa
Updated mesa packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.
Note
The mesa packages have been upgraded to upstream version 9.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#835200)
Bug Fixes
- BZ#786508, BZ#820746
- If the user logged in from Red Hat Enterprise Linux 5 to a Red Hat Enterprise Linux 6 machine by using the "ssh" command with the "-Y" option, an attempt to run an application that uses GLX failed with the "Error: couldn't find RGB GLX visual or fbconfig" error message. This bug has been fixed and the remote login now works as expected.
- BZ#885882
- Due to an error in the mesa packages, using the multisample anti-aliasing (MSAA) technique with the KWin window manager caused errors in the desktop compositing. This update provides a patch that fixes this bug and MSAA now works correctly with the KWin window manager.
- BZ#901627
- Previously, when connecting to a remote machine using SSH with the X11 forwarding enabled caused a "failed to load driver: i965" error in the libGL library. With this update, a patch has been provided to fix this bug and drivers are now loaded as expected.
Enhancements
- BZ#816661
- An accelerated driver for Intel Core i5 and i7 processors has been added to the mesa packages.
- BZ#835201
- This update adds the new mesa-dril-drivers package to mesa. This package implements support for the DRI1 drivers.
All users of mesa are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with each description below.
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.
Security Fixes
- CVE-2013-1872
- An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
- CVE-2013-1993
- It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect.
