Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package SDL2 for openSUSE:Factory checked in at 2024-01-15 22:15:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/SDL2 (Old) and /work/SRC/openSUSE:Factory/.SDL2.new.21961 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "SDL2" Mon Jan 15 22:15:18 2024 rev:60 rq:1138787 version:2.28.5 Changes: -------- --- /work/SRC/openSUSE:Factory/SDL2/SDL2.changes 2023-11-03 22:19:35.270819937 +0100 +++ /work/SRC/openSUSE:Factory/.SDL2.new.21961/SDL2.changes 2024-01-15 22:16:48.937533657 +0100 @@ -144,0 +145,7 @@ +- Drop CVE-2022-4743.patch. + +------------------------------------------------------------------- +Tue Nov 3 21:06:13 UTC 2022 - Michael Gorse <[email protected]> + +- Add CVE-2022-4743.patch: fix potential memory leak in + GLES_CreateTexture (boo#1206727 CVE-2022-4743). @@ -290,0 +298,8 @@ +- Drop CVE-2021-33657.patch. + +------------------------------------------------------------------- +Tue Nov 10 19:50:12 UTC 2021 - Michael Gorse <[email protected]> + +- Add CVE-2021-33657.patch: always create a full 256-entry color + map in case color values are out of range (boo#1198001 + CVE-2021-33657). @@ -342,0 +358,8 @@ +- Drop sdl2-surface-pitch-overflow.patch. + +------------------------------------------------------------------- +Tue Jan 14 21:30:34 UTC 2020 - Michael Gorse <[email protected]> + +- Add sdl2-surface-pitch-overflow.patch: fix overflow in surface + pitch calculation (boo#1181201 boo#1181202 CVE-2020-14410 + CVE-2020-14409). @@ -353 +376 @@ - * fixes build on i586 (boo#1153455) + * fixes build on i586 (boo#1153455, boo#1158176) @@ -417,0 +441,67 @@ +- Drop CVE-2019-13626.patch, CVE-2019-7636.patch, + CVE-2019-7635.patch. + +------------------------------------------------------------------- +Mon Jul 20 19:33:22 UTC 2019 - Michael Gorse <[email protected]> + +- Add CVE-2019-13626.patch: add safeguards to the wav parser to + prevent crashes (boo#1142031 CVE-2019-13626). +- Drop CVE-2019-7572.patch, CVE-2019-7574.patch, + CVE-2019-7575.patch, CVE-2019-7577.patch, and + CVE-2019-7578.patch: these are handled by the new code added in + CVE-2019-13626.patch. + +------------------------------------------------------------------- +Thu May 23 09:52:38 UTC 2019 - Qiang Zheng <[email protected]> + +- Remove CVE-2019-7637.patch, the modification of function + SDL_CalculatePitch is only suit for SDL not SDL2. + +------------------------------------------------------------------- +Wed Mar 20 09:46:14 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7636.patch to fix a heap-based buffer over-read + issue (CVE-2019-7636, boo#1124826, CVE-2019-7638, boo#1124824). + +------------------------------------------------------------------- +Wed Mar 20 09:34:39 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7635.patch to fix a heap-based buffer over-read + issue (CVE-2019-7635, boo#1124827). + +------------------------------------------------------------------- +Wed Mar 20 09:08:43 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7578.patch to fix a heap-based buffer over-read + issue (CVE-2019-7578, boo#1125099, CVE-2019-7576, boo#1124799 + CVE-2019-7573, boo#1124805). + +------------------------------------------------------------------- +Wed Mar 20 07:50:52 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7572.patch to fix a buffer over-read issue + (CVE-2019-7572, boo#1124806). + +------------------------------------------------------------------- +Wed Mar 20 07:19:37 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7574.patch to fix a heap-based buffer over-read + issue (CVE-2019-7574, boo#1124803). + +------------------------------------------------------------------- +Thu Feb 28 06:14:19 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7575.patch to fix a heap-based buffer overflow + issue (CVE-2019-7575, boo#1124802). + +------------------------------------------------------------------- +Thu Feb 28 02:27:10 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7637.patch to fix a heap-base buffer overflow + issue (CVE-2019-7637, boo#1124825). + +------------------------------------------------------------------- +Wed Feb 27 07:45:48 UTC 2019 - qzheng <[email protected]> + +- Add CVE-2019-7577.patch to fix a buffer over-read issue + (CVE-2019-7577, boo#1124800). ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ SDL2.spec ++++++ --- /var/tmp/diff_new_pack.86dK9P/_old 2024-01-15 22:16:49.473553242 +0100 +++ /var/tmp/diff_new_pack.86dK9P/_new 2024-01-15 22:16:49.473553242 +0100 @@ -1,7 +1,7 @@ # # spec file for package SDL2 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
