-
libsdl1.2 (1.2.14-6.4ubuntu3.2) precise-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2019-13616.patch: validate image size
when loading BMP files in src/video/SDL_bmp.c.
- CVE-2019-13616
* SECURITY UPDATE: Buffer over-read
- debian/patches/CVE-2019-7572*.patch: moving clamping the index
value at beginning of IMA_ADPCM_nibble in src/audio/SDL_wave.c.
- CVE-2019-7572
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2019-7573-76.patch: check if MS ADPCK chunk
was too short in src/audio/SDL_wave.c.
- CVE-2019-7573
- CVE-2019-7576
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2019-7574.patch: check if data chunk
was shorter than expected based on WAF format in
src/audio/SDL_wave.c.
- CVE-2019-7574
* SECURITY UPDATE: Heap-based buffer overflow and buffer over-read
- debian/patches/CVE-2019-7575-77-2.patch: check if
a WAV format defines shorter audio stream in
src/audio/SDL_wave.c.
- debian/patches/CVE-2019-7577.patch: checks overread in
src/audio/SDL_wave.c.
- CVE-2019-7575
- CVE-2019-7577
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2019-7578.patch: fix in
src/audio/SDL_wave.c.
- CVE-2019-7578
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2019-7635.patch: fix in
src/video/SDL_bmp.c.
- CVE-2019-7635
* SECURITY UPDATE: heap-baed buffer over-read
- debian/patches/CVE-2019-7636.patch: fix in
src/video/SDL_bmp.c.
- CVE-2019-7636
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2019-7637*.patch: fix in
src/video/SDL_pixels.c, src/video/gapi/SDL_gapivideo.c.
- CVE-2019-7637
* fixing a patch error
- debian/patches/fix_error_patching*.patch: in
src/audio/SDL_wave.c, src/video/SDL_pixels.c.
-- <email address hidden> (Leonidas S. Barbosa) Tue, 15 Oct 2019 14:39:37 -0300
-
libsdl1.2 (1.2.14-6.4ubuntu3.1) precise-security; urgency=medium
* SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
- debian/control: change Build-Depends to libx11 security update
- CVE-2013-7439
-- Marc Deslauriers <email address hidden> Mon, 13 Apr 2015 08:17:25 -0400
-
libsdl1.2 (1.2.14-6.4ubuntu3) precise; urgency=low
* Rebuild to pick new audiofile's shlibs (LP: #922036)
-- Alessio Treglia <email address hidden> Fri, 27 Jan 2012 12:43:59 +0100
-
libsdl1.2 (1.2.14-6.4ubuntu2) precise; urgency=low
* Pull from Debian git to get multiarch support in:
[ Felix Geyer ]
* Remove all patches that were disabled.
* Switch to source format 3.0 (quilt).
* Simplify debian/rules by using dh(1).
* Drop ancient Conflicts/Replaces.
* Disable the PlayStation 3 Cell driver on ppc64. (Closes: #644908)
* Update Vcs control fields to the new git repository. (Closes: #615902)
* Drop sequence numbers from the patch filenames.
* Fix: SDL_BlitCopyOverlap() copies data between overlapping bitmaps.
(Closes: #626048)
- Add sdlblit_memcpy_fix.diff, cherry-picked from upstream.
* Set _NET_WM_PID property in X11 windows which is used by GNOME Shell and the
Unity desktop.
- Add x11_add_support_NET_WM_PID.diff from Ubuntu / Marco Trevisan.
* Bump Standards-Version to 3.9.2, no further changes necessary.
* Override package-name-doesnt-match-sonames lintian warning.
* Add a debug package. (Closes: #600292)
* Add myself as uploader.
* Switch to debhelper compat level v9.
- Convert to multiarch. (Closes: #636605)
- Exports hardening build flags.
* Remove the .la file.
[ Dominique Dumont ]
* control: replaced XC-Package-Type with Package-Type tag
-- Steve Langasek <email address hidden> Thu, 29 Dec 2011 17:55:26 -0800
-
libsdl1.2 (1.2.14-6.4ubuntu1) precise; urgency=low
* Merge from Debian testing (LP: #898147), remaining changes:
- Drop directfb support. This is the only package which still pulls the
rather sizable directfb into a standard installation, and we never
actually used/supported it anyway. Drop directfb build/binary dependencies
and libsdl1.2debian-udeb package; don't build udeb flavour and drop
--enable-video-directfb from confflags.
- Disable PlayStation 3 Cell driver on ppc64 as well as on powerpc.
- Replace memcpy by memmove in SDL_blit.c, as per SDL bug 1090
see http://hg.libsdl.org/SDL/rev/d898ee5431f5
- Add 321_x11_add_support_to__NET_WM_PID.diff to support pid exportation
in each x11 SDL window, needed mostly by pygame and BAMF.
libsdl1.2 (1.2.14-6.4) unstable; urgency=low
* Non-maintainer upload.
* Build improvements from Guillem Jover that should really have gone
with the previous upload. Closes: #614332.
+ Line-wrap build-depends.
+ Use -any syntax for architecture-specific stuff.
+ Fix cross-compilation by using DEB_HOST_* variables.
+ Update or remove non-existing configure flags.
+ Forbid dlopening for X11.
* Use --enable-debug with the debug keyword, not the noopt one.
* Refactor configure options.
* Disable NAS. We have PulseAudio now.
* Pass --disable-loadso, just to be sure.
libsdl1.2 (1.2.14-6.3) unstable; urgency=low
* Non-maintainer upload with maintainer’s approval.
* Merge all builds into a single one, there is no more a reason to
keep all these packages.
* Remove support for libaa (there’s libcaca), libsvga (directfb
supports more architectures) and libesd (pulseaudio does much more).
* Remove obsolete sys-build.mk from source directory.
libsdl1.2 (1.2.14-6.2) unstable; urgency=low
* Non-maintainer upload.
* Remove arts as build dependency as is being removed from the archive
(Closes: #620982, #581231).
- Remove libsdl1.2debian-arts.
- Remove references to arts in other packages that this source provides.
- Pass --disable-arts to the configure script.
[ Ana Beatriz Guerrero Lopez ]
* Update uploaders, remove aurel32, joss and sho.
-- Felix Geyer <email address hidden> Wed, 30 Nov 2011 13:46:31 +0100
-
libsdl1.2 (1.2.14-6.1ubuntu5) precise; urgency=low
* No-change rebuild to drop spurious libsfgcc1 dependency on armhf.
-- Adam Conrad <email address hidden> Fri, 02 Dec 2011 17:34:37 -0700
-
libsdl1.2 (1.2.14-6.1ubuntu4) oneiric; urgency=low
* Added 321_x11_add_support_to__NET_WM_PID.diff to support pid exportation
in each x11 SDL window, needed mostly by pygame and BAMF (LP: #777417).
-- Marco Trevisan (Trevino) <mail@3v1n0.net> Wed, 06 Jul 2011 15:07:19 +0200
