| Release | Version |
|---|---|
| jessie | 10.3.2-1+deb8u2 |
| stretch | 13.0.6-1 |
| buster | 18.3.6-2+deb10u1 |
| bullseye | 20.3.5-1 |
| bookworm | 22.3.6-1+deb12u1 |
| trixie | 23.3.5-1 |
| sid | 24.0.6-1 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-5068 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | An exploitable shared memory permissions vulnerability exists in the f ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-45931 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Mesa 23.0.4 was discovered to contain a NULL pointer dereference in ch ... |
| CVE-2023-45922 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation ... |
| CVE-2023-45919 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Mesa 23.0.4 was discovered to contain a buffer over-read in glXQuerySe ... |
| CVE-2023-45913 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Mesa v23.0.4 was discovered to contain a NULL pointer dereference via ... |
| Bug | Description |
|---|---|
| CVE-2013-1993 | Multiple integer overflows in X.org libGLX in Mesa 9.1.1 and earlier a ... |
| CVE-2013-1872 | The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent atta ... |
| CVE-2012-5129 | Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS ... |
| CVE-2012-2864 | Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, C ... |
| DSA / DLA | Description |
|---|---|
| DLA-1993-1 | mesa - security update |
| ELA-189-1 | mesa - security update |
| DSA-2704-1 | mesa - out of bounds access |
| DSA-2678-1 | mesa - several |