[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add patch links for recent libsdl2-image CVEs

Felix Geyer fgeyer at debian.org
Mon Mar 5 17:50:45 UTC 2018 

Felix Geyer pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ba749df by Felix Geyer at 2018-03-05T18:49:21+01:00
Add patch links for recent libsdl2-image CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -28884,16 +28884,19 @@ CVE-2017-14450 [Simple DirectMedia Layer SDL2_Image LWZ Decompression Buffer Ove
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0499
+	NOTE: http://hg.libsdl.org/SDL_image/rev/45e750f92c84
 	TODO: check sdl-image1.2
 CVE-2017-14449 [Simple DirectMedia Layer SDL2_image do_layer_surface Double-Free Vulnerability]
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0498
+	NOTE: http://hg.libsdl.org/SDL_image/rev/d0142861559c
 	TODO: check sdl-image1.2
 CVE-2017-14448 [Simple DirectMedia Layer SDL2_image load_xcf_tile_rle Decompression Code Execution Vulnerability]
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0497
+	NOTE: http://hg.libsdl.org/SDL_image/rev/7df1580f1695
 	TODO: check sdl-image1.2
 CVE-2017-14447
 	RESERVED
@@ -28909,16 +28912,19 @@ CVE-2017-14442 [Simple DirectMedia Layer SDL2_image Image Palette Population Cod
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0491
+	NOTE: http://hg.libsdl.org/SDL_image/rev/37445f6180a8
 	TODO: check sdl-image1.2
 CVE-2017-14441 [Simple DirectMedia Layer SDL2_image ICO Pitch Handling Code Execution Vulnerability]
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0490
+	NOTE: http://hg.libsdl.org/SDL_image/rev/a1e9b624ca10
 	TODO: check sdl-image1.2
 CVE-2017-14440 [Simple DirectMedia Layer SDL2_image ILBM CMAP Parsing Code Execution Vulnerability]
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0489
+	NOTE: http://hg.libsdl.org/SDL_image/rev/bfa08dc02b3c
 	TODO: check sdl-image1.2
 CVE-2017-14439
 	RESERVED
@@ -35867,6 +35873,8 @@ CVE-2017-12122 [Simple DirectMedia Layer SDL2_Image IMG_LoadLBM_RW Code Executio
 	RESERVED
 	- libsdl2-image 2.0.3+dfsg1-1
 	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0488
+	NOTE: http://hg.libsdl.org/SDL_image/rev/16772bbb1b09
+	NOTE: http://hg.libsdl.org/SDL_image/rev/97f7f01e0665
 	TODO: check sdl-image1.2
 CVE-2017-12121
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ba749dff2474fedcfdde47fdcc81593cd45de21

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ba749dff2474fedcfdde47fdcc81593cd45de21
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180305/7ab3360e/attachment.html>

More information about the Secure-testing-commits mailing list