[ubuntu/trusty-security] libsdl2 2.0.2+dfsg1-3ubuntu1.3 (Accepted)
Avital Ostromich
avital.ostromich at canonical.com
Mon Sep 30 14:10:29 UTC 2019
libsdl2 (2.0.2+dfsg1-3ubuntu1.3) trusty-security; urgency=medium
* SECURITY UPDATE: heap-based buffer over-read in Fill_IMA_ADPCM_block
- debian/patches/CVE-2017-2888.diff: check var size before mallocing pixels
- debian/patches/CVE-2017-2888_CVE-2019-7637.diff: assert size of int
before mallocing
- CVE-2017-2888
- CVE-2019-7637
* SECURITY UPDATE: heap-based buffer over-read in Blit1to4
- debian/patches/CVE-2019-7635.diff: add error checking to SDL_LoadBMP_RW
- CVE-2019-7635
* SECURITY UPDATE: heap-based buffer over-read in Map1toN and SDL_GetRGB
- debian/patches/CVE-2019-7636_CVE-2019-7638.patch: add error checking to
SDL_LoadBMP_RW
- CVE-2019-7636
- CVE-2019-7638
Date: 2019-09-26 18:53:14.667897+00:00
Changed-By: Avital Ostromich <avital.ostromich at canonical.com>
https://launchpad.net/ubuntu/+source/libsdl2/2.0.2+dfsg1-3ubuntu1.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list