libsdl1.2 (1.2.14-6.4ubuntu3.2) precise-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2019-13616.patch: validate image size
when loading BMP files in src/video/SDL_bmp.c.
- CVE-2019-13616
* SECURITY UPDATE: Buffer over-read
- debian/patches/CVE-2019-7572*.patch: moving clamping the index
value at beginning of IMA_ADPCM_nibble in src/audio/SDL_wave.c.
- CVE-2019-7572
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2019-7573-76.patch: check if MS ADPCK chunk
was too short in src/audio/SDL_wave.c.
- CVE-2019-7573
- CVE-2019-7576
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2019-7574.patch: check if data chunk
was shorter than expected based on WAF format in
src/audio/SDL_wave.c.
- CVE-2019-7574
* SECURITY UPDATE: Heap-based buffer overflow and buffer over-read
- debian/patches/CVE-2019-7575-77-2.patch: check if
a WAV format defines shorter audio stream in
src/audio/SDL_wave.c.
- debian/patches/CVE-2019-7577.patch: checks overread in
src/audio/SDL_wave.c.
- CVE-2019-7575
- CVE-2019-7577
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2019-7578.patch: fix in
src/audio/SDL_wave.c.
- CVE-2019-7578
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2019-7635.patch: fix in
src/video/SDL_bmp.c.
- CVE-2019-7635
* SECURITY UPDATE: heap-baed buffer over-read
- debian/patches/CVE-2019-7636.patch: fix in
src/video/SDL_bmp.c.
- CVE-2019-7636
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2019-7637*.patch: fix in
src/video/SDL_pixels.c, src/video/gapi/SDL_gapivideo.c.
- CVE-2019-7637
* fixing a patch error
- debian/patches/fix_error_patching*.patch: in
src/audio/SDL_wave.c, src/video/SDL_pixels.c.
Date: 2019-10-16 13:19:13.939551+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langa...@canonical.com>
https://launchpad.net/ubuntu/+source/libsdl1.2/1.2.14-6.4ubuntu3.2
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes