Hello community,

here is the log from the commit of package SDL2_image for openSUSE:Factory 
checked in at 2018-03-13 10:23:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/SDL2_image (Old)
 and      /work/SRC/openSUSE:Factory/.SDL2_image.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "SDL2_image"

Tue Mar 13 10:23:30 2018 rev:9 rq:584127 version:2.0.3

Changes:
--------
--- /work/SRC/openSUSE:Factory/SDL2_image/SDL2_image.changes    2018-02-14 
10:52:39.303452941 +0100
+++ /work/SRC/openSUSE:Factory/.SDL2_image.new/SDL2_image.changes       
2018-03-13 10:23:44.838396470 +0100
@@ -1,0 +2,20 @@
+Thu Mar  8 00:53:28 UTC 2018 - jeng...@inai.de
+
+- Update to new upstream release 2.0.3
+  * Fixed a number of security issues:
+  * TALOS-2017-0488/CVE-2017-12122/boo#1084256:
+    IMG_LoadLBM_RW code execution vulnerability
+  * TALOS-2017-0489/CVE-2017-14440/boo#1084257:
+    ILBM CMAP parsing code execution vulnerability
+  * TALOS-2017-0490/CVE-2017-14441/boo#1084282:
+    ICO pitch handling code execution vulnerability
+  * TALOS-2017-0491/CVE-2017-14442/boo#1084304:
+    Image palette population code execution vulnerability
+  * TALOS-2017-0497/CVE-2017-14448/boo#1084303:
+    load_xcf_tile_rle decompression code execution
+  * TALOS-2017-0498/CVE-2017-14449/boo#1084297:
+    do_layer_surface double free vulnerability
+  * TALOS-2017-0499/CVE-2017-14450/boo#1084288:
+    LWZ decompression buffer overflow vulnerability
+
+-------------------------------------------------------------------

Old:
----
  SDL2_image-2.0.2.tar.gz

New:
----
  SDL2_image-2.0.3.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ SDL2_image.spec ++++++
--- /var/tmp/diff_new_pack.e0EUYx/_old  2018-03-13 10:23:46.938321235 +0100
+++ /var/tmp/diff_new_pack.e0EUYx/_new  2018-03-13 10:23:46.942321091 +0100
@@ -18,7 +18,7 @@
 
 Name:           SDL2_image
 %define lname  libSDL2_image-2_0-0
-Version:        2.0.2
+Version:        2.0.3
 Release:        0
 Summary:        SDL2 image loading library
 License:        Zlib
@@ -34,7 +34,7 @@
 BuildRequires:  pkg-config
 BuildRequires:  pkgconfig(libpng)
 BuildRequires:  pkgconfig(libwebp)
-BuildRequires:  pkgconfig(sdl2) >= 2.0.6
+BuildRequires:  pkgconfig(sdl2) >= 2.0.8
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description

++++++ SDL2_image-2.0.2.tar.gz -> SDL2_image-2.0.3.tar.gz ++++++
/work/SRC/openSUSE:Factory/SDL2_image/SDL2_image-2.0.2.tar.gz 
/work/SRC/openSUSE:Factory/.SDL2_image.new/SDL2_image-2.0.3.tar.gz differ: char 
5, line 1


Reply via email to