Publishing details

Changelog

libsdl2 (2.0.2+dfsg1-3ubuntu1.3) trusty-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer over-read in Fill_IMA_ADPCM_block
    - debian/patches/CVE-2017-2888.diff: check var size before mallocing pixels
    - debian/patches/CVE-2017-2888_CVE-2019-7637.diff: assert size of int
      before mallocing
    - CVE-2017-2888
    - CVE-2019-7637
  * SECURITY UPDATE: heap-based buffer over-read in Blit1to4
    - debian/patches/CVE-2019-7635.diff: add error checking to SDL_LoadBMP_RW
    - CVE-2019-7635
  * SECURITY UPDATE: heap-based buffer over-read in Map1toN and SDL_GetRGB
    - debian/patches/CVE-2019-7636_CVE-2019-7638.patch: add error checking to
      SDL_LoadBMP_RW
    - CVE-2019-7636
    - CVE-2019-7638

 -- Avital Ostromich <email address hidden>  Wed, 25 Sep 2019 11:26:34 -0400

Available diffs

Builds

Built packages

Package files