Hugo Lefeuvre pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a461d226 by Hugo Lefeuvre at 2019-07-20T19:42:20Z
libsdl2-image, sdl-image1.2: jessie re-triage, commit links
+ remove jessie no-dsa from these issues: I have authored the patches
myself and have good confidence in them. Some of these issues are
actually exploitable ones (hard, but doable), so there's some value in
addressing them.
+ add commit link for these issues. My separate patches have been
merged into a single one by upstream.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5709,42 +5709,38 @@ CVE-2019-12222 (An issue was discovered in libSDL2.a in
Simple DirectMedia Layer
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
- [jessie] - libsdl2-image <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed>
[buster] - sdl-image1.2 <no-dsa> (Minor issue)
[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
- [jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621
+ NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
- [jessie] - libsdl2-image <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed>
[buster] - sdl-image1.2 <no-dsa> (Minor issue)
[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
- [jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628
+ NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
- [jessie] - libsdl2-image <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed>
[buster] - sdl-image1.2 <no-dsa> (Minor issue)
[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
- [jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627
+ NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
- [jessie] - libsdl2-image <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed>
[buster] - sdl-image1.2 <no-dsa> (Minor issue)
[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
- [jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625
+ NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
@@ -5759,12 +5755,11 @@ CVE-2019-12217 (An issue was discovered in libSDL2.a in
Simple DirectMedia Layer
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
[stretch] - libsdl2-image <no-dsa> (Minor issue)
- [jessie] - libsdl2-image <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed>
[buster] - sdl-image1.2 <no-dsa> (Minor issue)
[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
- [jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626
+ NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia
Layer (SDL) ...)
- libsdl2-image <unfixed>
[buster] - libsdl2-image <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a461d22683f23635faef99aeccec2cf06e5210b6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a461d22683f23635faef99aeccec2cf06e5210b6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
