Format: 1.8
Date: Fri, 10 Jan 2020 12:49:04 -0300
Source: sdl-image1.2
Binary: libsdl-image1.2 libsdl-image1.2-dev
Architecture: amd64
Version: 1.2.12-8ubuntu0.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-026.buildd>
Changed-By: Eduardo Barretto <eduardo.barretto@canonical.com>
Description:
 libsdl-image1.2 - Image loading library for Simple DirectMedia Layer 1.2, libraries
 libsdl-image1.2-dev - Image loading library for Simple DirectMedia Layer 1.2, developme
Changes:
 sdl-image1.2 (1.2.12-8ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Arbitrary code execution in the XCF image rendering
     - debian/patches/CVE-2018-3977.patch: Fix potential buffer overflow on
       corrupt or maliciously-crafted XCF file.
     - CVE-2018-3977
   * SECURITY UPDATE: Buffer overflows in IMG_pcx.c
     - debian/patches/IMG_pcx-out-of-bounds.patch: fix multiple OOB issues in
       IMG_pcx.c
     - CVE-2019-5051
     - CVE-2019-12217
     - CVE-2019-12219
     - CVE-2019-12220
     - CVE-2019-12221
     - CVE-2019-12222
   * SECURITY UPDATE: Integer overflow when loading a PCX file
     - debian/patches/CVE-2019-5052.patch: Fix invalid data read on bpl == -1.
     - CVE-2019-5052
   * SECURITY UPDATE: Heap-based buffer over-read in Blit1to4()
     - debian/patches/CVE-2019-7635.patch: fix Heap-Buffer Overflow in
       Blit1to4().
     - CVE-2019-7635
   * SECURITY UPDATE: Heap buffer overflow in IMG_pcx.c
     - debian/patches/CVE-2019-12218.patch: fix heap buffer overflow issue in
       IMG_pcx.c
     - CVE-2019-12218
     - CVE-2019-12216
   * SECURITY UPDATE: Heap-based buffer over-read in BlitNtoN()
     - debian/patches/CVE-2019-13616.patch: validate image size when loading
       BMP files.
     - CVE-2019-13616
Checksums-Sha1:
 55269a518304a781a0921830c28765ba4f1fb761 67480 libsdl-image1.2-dbgsym_1.2.12-8ubuntu0.1_amd64.ddeb
 51a7f09a341977c04499986bb9520a890895ce1a 32616 libsdl-image1.2-dev_1.2.12-8ubuntu0.1_amd64.deb
 05a7954877c36e5c72b661bca066b9361e965ed0 30280 libsdl-image1.2_1.2.12-8ubuntu0.1_amd64.deb
 92cf41db9f51645039ddd9b099687c6b5406fde8 10626 sdl-image1.2_1.2.12-8ubuntu0.1_amd64.buildinfo
Checksums-Sha256:
 123c17bb9e156aa04f0530f814e4811d58451a2bbe2fa9f462a5149867b77c31 67480 libsdl-image1.2-dbgsym_1.2.12-8ubuntu0.1_amd64.ddeb
 745c1a16c38bd5fc0ffa537bf881cdb89704334cd5419f9b6e765cf49d7ba7a1 32616 libsdl-image1.2-dev_1.2.12-8ubuntu0.1_amd64.deb
 3d7079394a7f8c6d98b581e344e368b51ce1003d13c417fac70c988cf751abd9 30280 libsdl-image1.2_1.2.12-8ubuntu0.1_amd64.deb
 cb68d6d78b7e72d55b6a232d8bf8f4b048d94f21934c98575400a2130f6325b9 10626 sdl-image1.2_1.2.12-8ubuntu0.1_amd64.buildinfo
Files:
 88704aa76c3a03a4698cf7e824984933 67480 debug optional libsdl-image1.2-dbgsym_1.2.12-8ubuntu0.1_amd64.ddeb
 5737929f08bb8f5ceb4d3b09eb7542ef 32616 libdevel optional libsdl-image1.2-dev_1.2.12-8ubuntu0.1_amd64.deb
 66c7f5db7861173c089a6706254237e5 30280 libs optional libsdl-image1.2_1.2.12-8ubuntu0.1_amd64.deb
 e22886993396abfddd8964442f6b407c 10626 libs optional sdl-image1.2_1.2.12-8ubuntu0.1_amd64.buildinfo
Original-Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org>