Описание
Security update for SDL
This update for SDL fixes the following issues:
- CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c. (bsc#1181202)
- CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c. (bsc#1181201)
- CVE-2021-33657: Fixed a Heap overflow problem in video/SDL_pixels.c. (bsc#1198001)
Список пакетов
HPE Helion OpenStack 8
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP3-BCL
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP3-LTSS
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP5
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libSDL-devel-1.2.15-15.17.1
SUSE OpenStack Cloud 8
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE OpenStack Cloud 9
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE OpenStack Cloud Crowbar 8
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE OpenStack Cloud Crowbar 9
libSDL-1_2-0-1.2.15-15.17.1
libSDL-1_2-0-32bit-1.2.15-15.17.1
Ссылки
- Link for SUSE-SU-2022:1312-1
- E-Mail link for SUSE-SU-2022:1312-1
- SUSE Security Ratings
- SUSE Bug 1181201
- SUSE Bug 1181202
- SUSE Bug 1198001
- SUSE CVE CVE-2020-14409 page
- SUSE CVE CVE-2020-14410 page
- SUSE CVE CVE-2021-33657 page
Описание
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.
Затронутые продукты
HPE Helion OpenStack 8:libSDL-1_2-0-1.2.15-15.17.1
HPE Helion OpenStack 8:libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL:libSDL-1_2-0-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL:libSDL-1_2-0-32bit-1.2.15-15.17.1
Ссылки
- CVE-2020-14409
- SUSE Bug 1181202
- SUSE Bug 1200204
Описание
SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.
Затронутые продукты
HPE Helion OpenStack 8:libSDL-1_2-0-1.2.15-15.17.1
HPE Helion OpenStack 8:libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL:libSDL-1_2-0-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL:libSDL-1_2-0-32bit-1.2.15-15.17.1
Ссылки
- CVE-2020-14410
- SUSE Bug 1181201
- SUSE Bug 1200204
Описание
There is a heap overflow problem in video/SDL_pixels.c in SDL (Simple DirectMedia Layer) 2.x to 2.0.18 versions. By crafting a malicious .BMP file, an attacker can cause the application using this library to crash, denial of service or Code execution.
Затронутые продукты
HPE Helion OpenStack 8:libSDL-1_2-0-1.2.15-15.17.1
HPE Helion OpenStack 8:libSDL-1_2-0-32bit-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL:libSDL-1_2-0-1.2.15-15.17.1
SUSE Linux Enterprise Server 12 SP2-BCL:libSDL-1_2-0-32bit-1.2.15-15.17.1
Ссылки
- CVE-2021-33657
- SUSE Bug 1198001
- SUSE Bug 1199105
- SUSE Bug 1200204