Publishing details

Changelog

libsdl2 (2.0.4+dfsg1-2ubuntu2.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer over-read in Fill_IMA_ADPCM_block
    - debian/patches/CVE-2017-2888.diff: check var size before mallocing pixels
    - debian/patches/CVE-2017-2888_CVE-2019-7637.diff: assert size of int
      before mallocing
    - CVE-2017-2888
    - CVE-2019-7637
  * SECURITY UPDATE: heap-based buffer over-read in Blit1to4
    - debian/patches/CVE-2019-7635.diff: add error checking to SDL_LoadBMP_RW
    - CVE-2019-7635
  * SECURITY UPDATE: heap-based buffer over-read in Map1toN and
     SDL_GetRGB
    - debian/patches/CVE-2019-7636_CVE-2019-7638.patch: add error checking to
      SDL_LoadBMP_RW
    - CVE-2019-7636
    - CVE-2019-7638
  * Package failed to build from source
    - debian/patches/ftbfs.diff: Add wl_proxy_marshal_constructor_versioned sym

 -- Avital Ostromich <email address hidden>  Wed, 28 Aug 2019 14:45:27 -0400

Available diffs

Builds

Built packages

Package files