Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2019:1223-1

Опубликовано: 17 апр. 2019
Источник: suse-cvrf

Описание

Security update for SDL

This update for SDL fixes the following issues:

Security issues fixed:

  • CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
  • CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
  • CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
  • CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
  • CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
  • CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
  • CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
  • CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
  • CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
  • CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
  • CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0
libSDL-1_2-0-1.2.15-lp150.2.3.1
libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
libSDL-devel-1.2.15-lp150.2.3.1
libSDL-devel-32bit-1.2.15-lp150.2.3.1

Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки

Описание

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.

Затронутые продукты
openSUSE Leap 15.0:libSDL-1_2-0-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-1_2-0-32bit-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-1.2.15-lp150.2.3.1
openSUSE Leap 15.0:libSDL-devel-32bit-1.2.15-lp150.2.3.1
Ссылки