-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : mesa Version : 10.3.2-1+deb8u2 CVE ID : CVE-2019-5068 Debian Bug : 944298
Tim Brown discovered a shared memory permissions vulnerability in the Mesa 3D graphics library. Some Mesa X11 drivers use shared-memory XImages to implement back buffers for improved performance, but Mesa creates shared memory regions with permission mode 0777. An attacker can access the shared memory without any specific permissions. For Debian 8 "Jessie", this problem has been fixed in version 10.3.2-1+deb8u2. We recommend that you upgrade your mesa packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEQic8GuN/xDR88HkSj/HLbo2JBZ8FAl3OsWIACgkQj/HLbo2J BZ85LwgAqmYHkjAgp1KlEiN+u53/R/SaMJutBdkOV14QGOM3fMvtdgke2hKD4N8J NFtiCPq2aLLQxn2wXFX7gCt984YXHXv/vPhDX6gHzQfwGS6f7pYA8663zc4CNcty JbnHFA98NyjpXqD3nlY4XLGDgzRg3k12NQ4QFUozV6YBE/ZGVJ27DUn2iVEXM6JB 6gvMy98/THuM11Pqv7Sqs1mvJB4ELe7J1iEweeBW81KjcHSpwqYSvgKGoERJFxw0 D0UJofPv/O82D6Uf9dW0VbpHOI5EjblZTfTQTEeGwNY5Mfq/gOTS6cUFr0cmfzd6 REz+f5EVwqEFYfVphj3EidGzZ1FCbw== =sLYh -----END PGP SIGNATURE-----