FEDORA-2019-6092f8c0dc

security update in Fedora 28 for SDL

Status: stable 6 months ago

This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files.

Comments 5

This update has been submitted for testing by ppisar.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes.

This update has been submitted for stable by ppisar.

This update has been pushed to stable.


Content Type: RPM
Status: stable
Test Gating:
Submitted by:
Update Type: security
Update Severity: medium
Karma: 0 (stable threshold: 3, unstable threshold: -3)
Autopush (karma): Disabled
Autopush (time): Disabled
Dates: submitted 7 months ago, in testing 7 months ago, in stable 6 months ago

Related Bugs 22

#1676509 CVE-2019-7577 SDL: Buffer over-read in function SDL_LoadWAV_RW in audio/SDL_wave.c
#1676510 CVE-2019-7577 SDL: Buffer over-read in function SDL_LoadWAV_RW in audio/SDL_wave.c [fedora-all]
#1676743 CVE-2019-7575 SDL: Heap based buffer overflow in function MS_ADPCM_decode in audio/SDL_wave.c
#1676744 CVE-2019-7575 SDL: Heap based buffer overflow in function MS_ADPCM_decode in audio/SDL_wave.c [fedora-all]
#1676749 CVE-2019-7574 SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c
#1676750 CVE-2019-7574 SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c [fedora-all]
#1676751 CVE-2019-7573 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
#1676752 CVE-2019-7573 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c [fedora-all]
#1676753 CVE-2019-7572 SDL: Buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c
#1676754 CVE-2019-7572 SDL: Buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c [fedora-all]
#1676755 CVE-2019-7576 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
#1676756 CVE-2019-7576 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c [fedora-all]
#1676781 CVE-2019-7578 SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c
#1676782 CVE-2019-7578 SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c [fedora-all]
#1677143 CVE-2019-7638 SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c
#1677144 CVE-2019-7638 SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c [fedora-all]
#1677151 CVE-2019-7637 SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c
#1677152 CVE-2019-7637 SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c [fedora-all]
#1677156 CVE-2019-7636 SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c
#1677157 CVE-2019-7636 SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c [fedora-all]
#1677158 CVE-2019-7635 SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c
#1677159 CVE-2019-7635 SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c [fedora-all]
