diff -Nru libsdl1.2-1.2.15+dfsg2/debian/changelog libsdl1.2-1.2.15+dfsg2/debian/changelog
--- libsdl1.2-1.2.15+dfsg2/debian/changelog 2019-10-15 13:49:28.000000000 +0000
+++ libsdl1.2-1.2.15+dfsg2/debian/changelog 2022-04-18 21:44:16.000000000 +0000
@@ -1,3 +1,13 @@
+libsdl1.2 (1.2.15+dfsg2-0.1ubuntu0.2) bionic-security; urgency=medium
+
+ * SECURITY UPDATE: Heap-based buffer overflow
+ - debian/patches/CVE-2021-33657.patch: allocate enough size to handle
+ possible larger values with a 256-entry map in Map1to1 and Map1toN
+ functions in src/video/SDL_pixels.c.
+ - CVE-2021-33657
+
+ -- Rodrigo Figueiredo Zaiden Mon, 18 Apr 2022 18:44:16 -0300
+
 libsdl1.2 (1.2.15+dfsg2-0.1ubuntu0.1) bionic-security; urgency=medium
 
 * SECURITY UPDATE: Multiple security issues
diff -Nru libsdl1.2-1.2.15+dfsg2/debian/patches/CVE-2021-33657.patch libsdl1.2-1.2.15+dfsg2/debian/patches/CVE-2021-33657.patch
--- libsdl1.2-1.2.15+dfsg2/debian/patches/CVE-2021-33657.patch 1970-01-01 00:00:00.000000000 +0000
+++ libsdl1.2-1.2.15+dfsg2/debian/patches/CVE-2021-33657.patch 2022-04-18 21:44:05.000000000 +0000
@@ -0,0 +1,35 @@
+[Ubuntu note: Backport of the following commit with indentation change to
+match with the current code baseline.
+--Rodrigo Figueiredo Zaiden]
+
+From 8c91cf7dba5193f5ce12d06db1336515851c9ee9 Mon Sep 17 00:00:00 2001
+From: Sam Lantinga
+Date: Tue, 30 Nov 2021 12:36:46 -0800
+Subject: [PATCH] Always create a full 256-entry map in case color values are
+ out of range
+
+Fixes https://github.com/libsdl-org/SDL/issues/5042
+---
+ src/video/SDL_pixels.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- libsdl1.2-1.2.15+dfsg2.orig/src/video/SDL_pixels.c
++++ libsdl1.2-1.2.15+dfsg2/src/video/SDL_pixels.c
+@@ -477,7 +477,7 @@ static Uint8 *Map1to1(SDL_Palette *src,
+ }
+ *identical = 0;
+ }
+- map = (Uint8 *)SDL_malloc(src->ncolors);
++ map = (Uint8 *)SDL_calloc(256, sizeof(Uint8));
+ if ( map == NULL ) {
+ SDL_OutOfMemory();
+ return(NULL);
+@@ -498,7 +498,7 @@ static Uint8 *Map1toN(SDL_PixelFormat *s
+ SDL_Palette *pal = src->palette;
+
+ bpp = ((dst->BytesPerPixel == 3) ? 4 : dst->BytesPerPixel);
+- map = (Uint8 *)SDL_malloc(pal->ncolors*bpp);
++ map = (Uint8 *)SDL_calloc(256, bpp);
+ if ( map == NULL ) {
+ SDL_OutOfMemory();
+ return(NULL);
diff -Nru libsdl1.2-1.2.15+dfsg2/debian/patches/series libsdl1.2-1.2.15+dfsg2/debian/patches/series
--- libsdl1.2-1.2.15+dfsg2/debian/patches/series 2019-10-15 13:49:15.000000000 +0000
+++ libsdl1.2-1.2.15+dfsg2/debian/patches/series 2022-04-18 21:44:00.000000000 +0000
@@ -15,3 +15,4 @@
 CVE-2019-7637-2.patch
 CVE-2019-7577-1_2.patch
 CVE-2019-13616.patch
+CVE-2021-33657.patch
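Review bot: The fixed `SDL_calloc(256, …)` allocations in Map1to1 and Map1toN (both SDL_pixels.c hunks inside the embedded CVE-2021-33657.patch) no longer scale with `ncolors`, so they silently assume a palette never holds more than 256 entries. The loops that fill `map` lie outside these hunks; if they still run up to `src->ncolors` / `pal->ncolors`, a larger palette would write past the buffer, which the old `ncolors`-sized allocation did not permit. Unless that bound is guaranteed wherever palettes are created, I would enforce it before the allocation, e.g. `if ( src->ncolors > 256 ) { SDL_SetError("palette too large"); return(NULL); }`, with the same check on `pal->ncolors` in Map1toN. A short comment next to the constant, such as `/* 8-bit pixels can index 0..255 whatever ncolors is; entries past ncolors stay zero */`, would also record why 256 and why calloc rather than malloc.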