Описание
Security update for SDL
This update for SDL fixes the following issues:
Security issues fixed:
- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
- CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
- CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
- CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
- CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
- CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
- CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
- CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
- CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
- CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
Ссылки
- Link for SUSE-SU-2019:13998-1
- E-Mail link for SUSE-SU-2019:13998-1
- SUSE Security Ratings
- SUSE Bug 1124799
- SUSE Bug 1124800
- SUSE Bug 1124802
- SUSE Bug 1124803
- SUSE Bug 1124805
- SUSE Bug 1124806
- SUSE Bug 1124824
- SUSE Bug 1124825
- SUSE Bug 1124826
- SUSE Bug 1124827
- SUSE Bug 1125099
- SUSE CVE CVE-2019-7572 page
- SUSE CVE CVE-2019-7573 page
- SUSE CVE CVE-2019-7574 page
- SUSE CVE CVE-2019-7575 page
- SUSE CVE CVE-2019-7576 page
- SUSE CVE CVE-2019-7577 page
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
Затронутые продукты
Ссылки
- CVE-2019-7572
- SUSE Bug 1124806
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
Затронутые продукты
Ссылки
- CVE-2019-7573
- SUSE Bug 1124805
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
Затронутые продукты
Ссылки
- CVE-2019-7574
- SUSE Bug 1124803
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
Затронутые продукты
Ссылки
- CVE-2019-7575
- SUSE Bug 1124802
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
Затронутые продукты
Ссылки
- CVE-2019-7576
- SUSE Bug 1124799
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
Затронутые продукты
Ссылки
- CVE-2019-7577
- SUSE Bug 1124800
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
Затронутые продукты
Ссылки
- CVE-2019-7578
- SUSE Bug 1125099
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
Затронутые продукты
Ссылки
- CVE-2019-7635
- SUSE Bug 1124827
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
Затронутые продукты
Ссылки
- CVE-2019-7636
- SUSE Bug 1124826
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
Затронутые продукты
Ссылки
- CVE-2019-7637
- SUSE Bug 1124825
- SUSE Bug 1134135
Описание
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
Затронутые продукты
Ссылки
- CVE-2019-7638
- SUSE Bug 1124824