Format: 1.8
Date: Fri, 10 Jan 2020 12:49:04 -0300
Source: sdl-image1.2
Binary: libsdl-image1.2 libsdl-image1.2-dev
Architecture: i386
Version: 1.2.12-8ubuntu0.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-040.buildd>
Changed-By: Eduardo Barretto <eduardo.barretto@canonical.com>
Description:
 libsdl-image1.2 - Image loading library for Simple DirectMedia Layer 1.2, libraries
 libsdl-image1.2-dev - Image loading library for Simple DirectMedia Layer 1.2, developme
Changes:
 sdl-image1.2 (1.2.12-8ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Arbitrary code execution in the XCF image rendering
     - debian/patches/CVE-2018-3977.patch: Fix potential buffer overflow on
       corrupt or maliciously-crafted XCF file.
     - CVE-2018-3977
   * SECURITY UPDATE: Buffer overflows in IMG_pcx.c
     - debian/patches/IMG_pcx-out-of-bounds.patch: fix multiple OOB issues in
       IMG_pcx.c
     - CVE-2019-5051
     - CVE-2019-12217
     - CVE-2019-12219
     - CVE-2019-12220
     - CVE-2019-12221
     - CVE-2019-12222
   * SECURITY UPDATE: Integer overflow when loading a PCX file
     - debian/patches/CVE-2019-5052.patch: Fix invalid data read on bpl == -1.
     - CVE-2019-5052
   * SECURITY UPDATE: Heap-based buffer over-read in Blit1to4()
     - debian/patches/CVE-2019-7635.patch: fix Heap-Buffer Overflow in
       Blit1to4().
     - CVE-2019-7635
   * SECURITY UPDATE: Heap buffer overflow in IMG_pcx.c
     - debian/patches/CVE-2019-12218.patch: fix heap buffer overflow issue in
       IMG_pcx.c
     - CVE-2019-12218
     - CVE-2019-12216
   * SECURITY UPDATE: Heap-based buffer over-read in BlitNtoN()
     - debian/patches/CVE-2019-13616.patch: validate image size when loading
       BMP files.
     - CVE-2019-13616
Checksums-Sha1:
 0554d754e1dedd04281f4ce0d2808f212b91aa93 60668 libsdl-image1.2-dbgsym_1.2.12-8ubuntu0.1_i386.ddeb
 ae63a1eadb884bade83c66b13710ae365e64482d 35060 libsdl-image1.2-dev_1.2.12-8ubuntu0.1_i386.deb
 3d15b0c36977082dcbfe7cefe14ae75d44ec1e86 31568 libsdl-image1.2_1.2.12-8ubuntu0.1_i386.deb
 04554f352a921d1aaf68c7fbe61e786a4f15c43d 10537 sdl-image1.2_1.2.12-8ubuntu0.1_i386.buildinfo
Checksums-Sha256:
 d597facd798b17d7053b4284b6a09a5ae791ee700a85a0fd6471c4efcb7bc443 60668 libsdl-image1.2-dbgsym_1.2.12-8ubuntu0.1_i386.ddeb
 6b93a7aceddfc7385e404c2e688d2bd13060c5b2d8042d17e731bab5a94836ab 35060 libsdl-image1.2-dev_1.2.12-8ubuntu0.1_i386.deb
 8d22efd77a1ce290f2091978cae68d10ca4d613c4844a7b912ce6c541b4ba4c8 31568 libsdl-image1.2_1.2.12-8ubuntu0.1_i386.deb
 df21fff6a56b04465301ee85a2ad98f53401887888a1dba3fa58aa52a90c8899 10537 sdl-image1.2_1.2.12-8ubuntu0.1_i386.buildinfo
Files:
 2408a72a4985c7ce93b9d49102798609 60668 debug optional libsdl-image1.2-dbgsym_1.2.12-8ubuntu0.1_i386.ddeb
 f095e03f2204cb75af38b9a45b449845 35060 libdevel optional libsdl-image1.2-dev_1.2.12-8ubuntu0.1_i386.deb
 f916e9e6990b381510daad95f1d7bce9 31568 libs optional libsdl-image1.2_1.2.12-8ubuntu0.1_i386.deb
 90d79421c5bc1030e71e02673ed0070f 10537 libs optional sdl-image1.2_1.2.12-8ubuntu0.1_i386.buildinfo
Original-Maintainer: Debian SDL packages maintainers <pkg-sdl-maintainers@lists.alioth.debian.org>