PublicDateAtUSN: 2013-05-23 15:00:00 UTC
Candidate: CVE-2013-1993
CRD: 2013-05-23 15:00:00 UTC
PublicDate: 2013-06-15 19:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1993
 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23
 http://www.debian.org/security/2013/dsa-2678
 https://ubuntu.com/security/notices/USN-1888-1
Description:
 Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier allow
 X servers to trigger allocation of insufficient memory and a buffer
 overflow via vectors related to the (1) XF86DRIOpenConnection and (2)
 XF86DRIGetClientDriverName functions.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by: Ilja van Sprundel
Assigned-to: mdeslaur
CVSS: 

Patches_mesa:
 upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=2e5a268f18be30df15aed0b44b01a18a37fb5df4
 upstream: http://cgit.freedesktop.org/mesa/mesa/commit?id=306f630e676eb901789dd09a0f30d7e7fa941ebe
upstream_mesa: needed
lucid_mesa: ignored (reached end-of-life)
precise_mesa: released (8.0.4-0ubuntu0.6)
quantal_mesa: released (9.0.3-0ubuntu0.2)
raring_mesa: released (9.1.3-0ubuntu0.3)
devel_mesa: released (9.1.3-0ubuntu4)