7.143. mesa

Updated mesa packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.

Note

The mesa packages have been upgraded to upstream version 9.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#835200)

Bug Fixes

BZ#786508, BZ#820746
If the user logged in from Red Hat Enterprise Linux 5 to a Red Hat Enterprise Linux 6 machine by using the "ssh" command with the "-Y" option, an attempt to run an application that uses GLX failed with the "Error: couldn't find RGB GLX visual or fbconfig" error message. This bug has been fixed and the remote login now works as expected.
BZ#885882
Due to an error in the mesa packages, using the multisample anti-aliasing (MSAA) technique with the KWin window manager caused errors in the desktop compositing. This update provides a patch that fixes this bug and MSAA now works correctly with the KWin window manager.
BZ#901627
Previously, when connecting to a remote machine using SSH with the X11 forwarding enabled caused a "failed to load driver: i965" error in the libGL library. With this update, a patch has been provided to fix this bug and drivers are now loaded as expected.

Enhancements

BZ#816661
An accelerated driver for Intel Core i5 and i7 processors has been added to the mesa packages.
BZ#835201
This update adds the new mesa-dril-drivers package to mesa. This package implements support for the DRI1 drivers.
All users of mesa are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with each description below.
Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.

Security Fixes

CVE-2013-1872
An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
CVE-2013-1993
It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect.