[Git][security-tracker-team/security-tracker][master] libsdl2-image, sdl-image1.2: jessie re-triage, commit links

Hugo Lefeuvre hle at debian.org
Sat Jul 20 20:42:57 BST 2019 


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a461d226 by Hugo Lefeuvre at 2019-07-20T19:42:20Z
libsdl2-image, sdl-image1.2: jessie re-triage, commit links

+ remove jessie no-dsa from these issues: I have authored the patches
myself and have good confidence in them. Some of these issues are
actually exploitable ones (hard, but doable), so there's some value in
addressing them.

+ add commit link for these issues. My separate patches have been
merged into a single one by upstream.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5709,42 +5709,38 @@ CVE-2019-12222 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)
 	[stretch] - libsdl2-image <no-dsa> (Minor issue)
-	[jessie] - libsdl2-image <no-dsa> (Minor issue)
 	- sdl-image1.2 <unfixed>
 	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
 	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
-	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621
+	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
 CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)
 	[stretch] - libsdl2-image <no-dsa> (Minor issue)
-	[jessie] - libsdl2-image <no-dsa> (Minor issue)
 	- sdl-image1.2 <unfixed>
 	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
 	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
-	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628
+	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
 CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)
 	[stretch] - libsdl2-image <no-dsa> (Minor issue)
-	[jessie] - libsdl2-image <no-dsa> (Minor issue)
 	- sdl-image1.2 <unfixed>
 	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
 	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
-	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627
+	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
 CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)
 	[stretch] - libsdl2-image <no-dsa> (Minor issue)
-	[jessie] - libsdl2-image <no-dsa> (Minor issue)
 	- sdl-image1.2 <unfixed>
 	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
 	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
-	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625
+	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
 CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)
@@ -5759,12 +5755,11 @@ CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)
 	[stretch] - libsdl2-image <no-dsa> (Minor issue)
-	[jessie] - libsdl2-image <no-dsa> (Minor issue)
 	- sdl-image1.2 <unfixed>
 	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
 	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
-	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626
+	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
 CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
 	- libsdl2-image <unfixed>
 	[buster] - libsdl2-image <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a461d22683f23635faef99aeccec2cf06e5210b6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a461d22683f23635faef99aeccec2cf06e5210b6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190720/9c84b96f/attachment.html>

More information about the debian-security-tracker-commits mailing list