openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Security update for SDL2

This update for SDL2 fixes the following issues:

Security issues fixed:

- CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c (bsc#1141844).
- CVE-2019-13626: Fixed integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c (bsc#1142031).

This update was imported from the SUSE:SLE-15:Update update project.

Submitted by Michael Gorse (mgorse)

Fixed bugs

bnc#1141844

VUL-1: CVE-2019-13616: SDL,SDL2: through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.

bnc#1142031

VUL-0: CVE-2019-13626: SDL2: integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c leads to heap-based buffer over-read in Fill_IMA_ADPCM_block

CVE-2019-13616

CVE-2019-13626

Places

Fixed bugs

Selected Binaries

Places