[ubuntu/xenial-updates] libsdl2 2.0.4+dfsg1-2ubuntu2.16.04.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Sep 30 14:58:21 UTC 2019
libsdl2 (2.0.4+dfsg1-2ubuntu2.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: heap-based buffer over-read in Fill_IMA_ADPCM_block
- debian/patches/CVE-2017-2888.diff: check var size before mallocing pixels
- debian/patches/CVE-2017-2888_CVE-2019-7637.diff: assert size of int
before mallocing
- CVE-2017-2888
- CVE-2019-7637
* SECURITY UPDATE: heap-based buffer over-read in Blit1to4
- debian/patches/CVE-2019-7635.diff: add error checking to SDL_LoadBMP_RW
- CVE-2019-7635
* SECURITY UPDATE: heap-based buffer over-read in Map1toN and
SDL_GetRGB
- debian/patches/CVE-2019-7636_CVE-2019-7638.patch: add error checking to
SDL_LoadBMP_RW
- CVE-2019-7636
- CVE-2019-7638
* Package failed to build from source
- debian/patches/ftbfs.diff: Add wl_proxy_marshal_constructor_versioned sym
Date: 2019-09-26 18:21:12.982884+00:00
Changed-By: Avital Ostromich <avital.ostromich at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/libsdl2/2.0.4+dfsg1-2ubuntu2.16.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list