It was discovered that Mesa incorrectly handled certain arrays. An attacker could use this issue to cause Mesa to crash, resulting in a denial of service, or possibly execute arbitrary code.
Updated packages are available from security.ubuntu.com.
========================================================================== Ubuntu Security Notice USN-1623-1 November 05, 2012 mesa vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: Mesa could be made to crash or run programs if it processed specially crafted data. Software Description: - mesa: free implementation of the EGL API Details: It was discovered that Mesa incorrectly handled certain arrays. An attacker could use this issue to cause Mesa to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: libegl1-mesa 8.0.4-0ubuntu0.2 libgl1-mesa-dri 8.0.4-0ubuntu0.2 libgl1-mesa-glx 8.0.4-0ubuntu0.2 libglapi-mesa 8.0.4-0ubuntu0.2 libgles1-mesa 8.0.4-0ubuntu0.2 libgles2-mesa 8.0.4-0ubuntu0.2 libglu1-mesa 8.0.4-0ubuntu0.2 libopenvg1-mesa 8.0.4-0ubuntu0.2 libosmesa6 8.0.4-0ubuntu0.2 libxatracker1 8.0.4-0ubuntu0.2 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1623-1 CVE-2012-2864 Package Information: https://launchpad.net/ubuntu/+source/mesa/8.0.4-0ubuntu0.2