UbuntuUpdates.org

Package "libsdl1.2"

Name: libsdl1.2

Description:

This package is just an umbrella for a group of other packages; it has no description.
Description samples from packages in group:

  • Simple DirectMedia Layer debug files
  • Simple DirectMedia Layer development files
  • Simple DirectMedia Layer

Latest version: 1.2.14-6.4ubuntu3.2
Release: precise (12.04)
Level: updates
Repository: main

Other versions of "libsdl1.2" in Precise

Repository Area Version
base main 1.2.14-6.4ubuntu3
security main 1.2.14-6.4ubuntu3.2

Changelog

Version: 1.2.14-6.4ubuntu3.2 2021-05-03 16:06:21 UTC

  libsdl1.2 (1.2.14-6.4ubuntu3.2) precise-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer over-read
    - debian/patches/CVE-2019-13616.patch: validate image size
      when loading BMP files in src/video/SDL_bmp.c.
    - CVE-2019-13616
  * SECURITY UPDATE: Buffer over-read
    - debian/patches/CVE-2019-7572*.patch: moving clamping the index
      value at beginning of IMA_ADPCM_nibble in src/audio/SDL_wave.c.
    - CVE-2019-7572
  * SECURITY UPDATE: Heap-based buffer over-read
    - debian/patches/CVE-2019-7573-76.patch: check if MS ADPCM chunk
      was too short in src/audio/SDL_wave.c.
    - CVE-2019-7573
    - CVE-2019-7576
  * SECURITY UPDATE: Heap-based buffer over-read
    - debian/patches/CVE-2019-7574.patch: check if data chunk
      was shorter than expected based on WAV format in
      src/audio/SDL_wave.c.
    - CVE-2019-7574
  * SECURITY UPDATE: Heap-based buffer overflow and buffer over-read
    - debian/patches/CVE-2019-7575-77-2.patch: check if
      a WAV format defines shorter audio stream in
      src/audio/SDL_wave.c.
    - debian/patches/CVE-2019-7577.patch: checks overread in
      src/audio/SDL_wave.c.
    - CVE-2019-7575
    - CVE-2019-7577
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7578.patch: fix in
      src/audio/SDL_wave.c.
    - CVE-2019-7578
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7635.patch: fix in
      src/video/SDL_bmp.c.
    - CVE-2019-7635
  * SECURITY UPDATE: heap-based buffer over-read
    - debian/patches/CVE-2019-7636.patch: fix in
      src/video/SDL_bmp.c.
    - CVE-2019-7636
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2019-7637*.patch: fix in
      src/video/SDL_pixels.c, src/video/gapi/SDL_gapivideo.c.
    - CVE-2019-7637
  * fixing a patch error
    - debian/patches/fix_error_patching*.patch: in
      src/audio/SDL_wave.c, src/video/SDL_pixels.c.

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 15 Oct 2019 14:39:37 -0300

CVE-2019-13616 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called f
CVE-2019-7572 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
CVE-2019-7573 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the
CVE-2019-7576 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside th
CVE-2019-7574 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7575 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7577 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
CVE-2019-7578 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
CVE-2019-7635 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
CVE-2019-7636 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
CVE-2019-7637 SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.

Version: 1.2.14-6.4ubuntu3.1 2015-04-13 19:06:28 UTC

  libsdl1.2 (1.2.14-6.4ubuntu3.1) precise-security; urgency=medium

  * SECURITY UPDATE: buffer overflow in MakeBigReq (LP: #1441381)
    - debian/control: change Build-Depends to libx11 security update
    - CVE-2013-7439
 -- Marc Deslauriers <email address hidden> Mon, 13 Apr 2015 08:17:25 -0400

CVE-2013-7439 4-byte buffer overflow in MakeBigReq