Package "libsdl2"
Name: |
libsdl2
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Simple DirectMedia Layer
- Simple DirectMedia Layer debug files
- Simple DirectMedia Layer development files
- Reference manual for libsdl2
|
Latest version: |
2.0.4+dfsg1-2ubuntu2.16.04.2 |
Release: |
xenial (16.04) |
Level: |
updates |
Repository: |
universe |
Links
Other versions of "libsdl2" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
libsdl2 (2.0.4+dfsg1-2ubuntu2.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: heap-based buffer over-read in Fill_IMA_ADPCM_block
- debian/patches/CVE-2017-2888.diff: check var size before mallocing pixels
- debian/patches/CVE-2017-2888_CVE-2019-7637.diff: assert size of int
before mallocing
- CVE-2017-2888
- CVE-2019-7637
* SECURITY UPDATE: heap-based buffer over-read in Blit1to4
- debian/patches/CVE-2019-7635.diff: add error checking to SDL_LoadBMP_RW
- CVE-2019-7635
* SECURITY UPDATE: heap-based buffer over-read in Map1toN and
SDL_GetRGB
- debian/patches/CVE-2019-7636_CVE-2019-7638.patch: add error checking to
SDL_LoadBMP_RW
- CVE-2019-7636
- CVE-2019-7638
* Package failed to build from source
- debian/patches/ftbfs.diff: Add wl_proxy_marshal_constructor_versioned sym
-- Avital Ostromich <email address hidden> Wed, 28 Aug 2019 14:45:27 -0400
|
Source diff to previous version |
CVE-2017-2888 |
An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer over |
CVE-2019-7637 |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c. |
CVE-2019-7635 |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. |
CVE-2019-7636 |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. |
CVE-2019-7638 |
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. |
|
libsdl2 (2.0.4+dfsg1-2ubuntu2.16.04.1) xenial; urgency=medium
* Cherry-pick upstream fix for full-screen switching mode
LP: #1679573
-- Gianfranco Costamagna <email address hidden> Sat, 11 Nov 2017 10:55:43 +0100
|
1679573 |
[SRU]full-screen switching is broken |
|
About
-
Send Feedback to @ubuntu_updates