Univention Bugzilla – Bug 54005
libsdl2: Multiple issues (4.4)
Last modified: 2021-11-03 16:43:44 CET
New Debian libsdl2 2.0.5+dfsg1-2+deb9u2 fixes:
This update addresses the following issues:
* Integer overflow while creating a new RGB surface (CVE-2017-2888)
* heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c (CVE-2019-7637)
--- mirror/ftp/4.4/unmaintained/4.4-8/source/libsdl2_2.0.5+dfsg1-2+deb9u1.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/libsdl2_2.0.5+dfsg1-2+deb9u2.dsc @@ -1,3 +1,9 @@ +2.0.5+dfsg1-2+deb9u2 [Sun, 31 Oct 2021 00:14:41 +0300] Adrian Bunk <bunk@debian.org>: + + * Non-maintainer upload by the LTS team. + * CVE-2017-2888, CVE-2019-7637: Fix for a heap-based buffer + in video/SDL_surface.c. + 2.0.5+dfsg1-2+deb9u1 [Thu, 28 Jan 2021 20:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: * Non-maintainer upload by the LTS Team. <http://piuparts.knut.univention.de/4.4-8/#512363125357105056>
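Review bot: the added deb9u2 changelog entry describes both CVEs as "Fix for a heap-based buffer in video/SDL_surface.c.", which drops the word "overflow" and gives CVE-2017-2888 the same description as CVE-2019-7637, although the comment above lists CVE-2017-2888 as an integer overflow while creating a new RGB surface. Listing each CVE on its own line with its own description would let someone reading only the changelog tell which defect each identifier covers. A minor style point in the same entry: "LTS team" is lower-case here while the unchanged deb9u1 entry below writes "LTS Team".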
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-8] dde4174c4e Bug #54005: libsdl2 2.0.5+dfsg1-2+deb9u2
 doc/errata/staging/libsdl2.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

[4.4-8] 3e2958ff3a Bug #54005: libsdl2 2.0.5+dfsg1-2+deb9u2
 doc/errata/staging/libsdl2.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x1086>