Hello, If my understanding is correct, some patches in libsdl2 (2.0.2+dfsg1-6+deb8u1) as applied in Jessie cause issues because they were intended for libsdl1.2, not libsdl2. The patch for CVE-2019-7637 causes regressions (more info here <https://bugzilla.novell.com/show_bug.cgi?id=1124825>), the commit here <https://hg.libsdl.org/SDL/rev/81a4950907a0> fixes the CVE. The patch for CVEs CVE-2019-7635, CVE-2019-7638 and CVE-2019-7636 has unreachable code. The commit here <https://hg.libsdl.org/SDL/rev/7c643f1c1887> fixes CVE-2019-7635 and the commit here <https://hg.libsdl.org/SDL/rev/07c39cbbeacf> fixes CVEs CVE-2019-7638 and CVE-2019-7636.
Thanks, Avital
