{"id":"MGASA-2013-0186","summary":"Updated X.org packages fix multiple security vulnerabilities","details":"Ilja van Sprundel of IOActive discovered several security issues in multiple\ncomponents of the X.org graphics stack and the related libraries: Various\ninteger overflows, sign handling errors in integer conversions, buffer\noverflows, memory corruption and missing input sanitising may lead to\nprivilege escalation or denial of service (CVE-2013-1981, CVE-2013-1982,\nCVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987,\nCVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-1992,\nCVE-2013-1993, CVE-2013-1994, CVE-2013-1995, CVE-2013-1996, CVE-2013-1997,\nCVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002,\nCVE-2013-2003, CVE-2013-2004, CVE-2013-2005, CVE-2013-2062, CVE-2013-2063,\nCVE-2013-2064, CVE-2013-2066).\n\nAn out-of-bounds access flaw was found in Mesa. If an application using\nMesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does\nthis), an attacker could cause the application to crash or, potentially,\nexecute arbitrary code with the privileges of the user running the\napplication (CVE-2013-1872).\n","modified":"2026-02-04T04:32:35.245955Z","published":"2013-06-26T18:17:24Z","related":["CVE-2013-1872","CVE-2013-1981","CVE-2013-1982","CVE-2013-1983","CVE-2013-1984","CVE-2013-1985","CVE-2013-1986","CVE-2013-1987","CVE-2013-1988","CVE-2013-1989","CVE-2013-1990","CVE-2013-1991","CVE-2013-1992","CVE-2013-1993","CVE-2013-1994","CVE-2013-1995","CVE-2013-1996","CVE-2013-1997","CVE-2013-1998","CVE-2013-1999","CVE-2013-2000","CVE-2013-2001","CVE-2013-2002","CVE-2013-2003","CVE-2013-2004","CVE-2013-2005","CVE-2013-2062","CVE-2013-2063","CVE-2013-2064","CVE-2013-2066"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0186.html"},{"type":"REPORT","url":"http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2013-0897.html"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2673"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2674"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2675"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2676"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2677"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2678"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2679"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2680"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2681"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2682"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2683"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2684"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2685"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2686"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2687"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2688"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2689"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2690"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2691"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2692"},{"type":"REPORT","url":"http://www.debian.org/security/2013/dsa-2693"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=10565"}],"affected":[{"package":{"name":"libdmx","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libdmx?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.3-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libfs","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libfs?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.5-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libx11","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libx11?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.0-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxcb","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxcb?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.9.1-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxcursor","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxcursor?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.14-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxext","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxext?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.2-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxfixes","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxfixes?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.1-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxi","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxi?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.2.901-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxinerama","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxinerama?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.3-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxp","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxp?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.2-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxrandr","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxrandr?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.1-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxrender","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxrender?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.8-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxres","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxres?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.7-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxt","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxt?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.4-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxtst","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxtst?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.2-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxv","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxv?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.8-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxvmc","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxvmc?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.8-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxxf86dga","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxxf86dga?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.4-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"libxxf86vm","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libxxf86vm?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.3-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"mesa","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mesa?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.1.3-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"x11-driver-video-openchrome","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/x11-driver-video-openchrome?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.3.3-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}},{"package":{"name":"mesa","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mesa?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.1.3-1.1.mga3.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0186.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}