[ubuntu/xenial-security] libsdl2 2.0.4+dfsg1-2ubuntu2.16.04.2 (Accepted)

Avital Ostromich Mon, 30 Sep 2019 07:11:14 -0700

libsdl2 (2.0.4+dfsg1-2ubuntu2.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer over-read in Fill_IMA_ADPCM_block
    - debian/patches/CVE-2017-2888.diff: check var size before mallocing pixels
    - debian/patches/CVE-2017-2888_CVE-2019-7637.diff: assert size of int
      before mallocing
    - CVE-2017-2888
    - CVE-2019-7637
  * SECURITY UPDATE: heap-based buffer over-read in Blit1to4
    - debian/patches/CVE-2019-7635.diff: add error checking to SDL_LoadBMP_RW
    - CVE-2019-7635
  * SECURITY UPDATE: heap-based buffer over-read in Map1toN and
     SDL_GetRGB
    - debian/patches/CVE-2019-7636_CVE-2019-7638.patch: add error checking to
      SDL_LoadBMP_RW
    - CVE-2019-7636
    - CVE-2019-7638
  * Package failed to build from source
    - debian/patches/ftbfs.diff: Add wl_proxy_marshal_constructor_versioned sym


Date: 2019-09-26 18:21:12.982884+00:00
Changed-By: Avital Ostromich <avital.ostrom...@canonical.com>
https://launchpad.net/ubuntu/+source/libsdl2/2.0.4+dfsg1-2ubuntu2.16.04.2

Sorry, changesfile not available.

-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

[ubuntu/xenial-security] libsdl2 2.0.4+dfsg1-2ubuntu2.16.04.2 (Accepted)

Reply via email to