<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Hugo Lefeuvre pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/386c115501f1ca6b4cd83c0f995ca6a01a869e53">386c1155</a></strong>

<div>

<span>by Hugo Lefeuvre</span>

<i>at 2019-05-28T15:01:49Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2019-12219: affects libsdl-image, not libsdl

Very similar to CVE-2019-12220 and CVE-2019-12222. The vulnerability

lies in the sdl_image code base.

Those three CVEs are most likely duplicates, but for some reason the

paths are different. It is very unlikely that MITRE will accept to

reject them as duplicates.

See patch proposal and report on upstream bug tracker:

https://bugzilla.libsdl.org/show_bug.cgi?id=4625#c1

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/386c115501f1ca6b4cd83c0f995ca6a01a869e53#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/386c115501f1ca6b4cd83c0f995ca6a01a869e53">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/386c115501f1ca6b4cd83c0f995ca6a01a869e53"}}</script>

</p>

</div>

</body>

</html>