[Git][security-tracker-team/security-tracker][master] data/CVE/list: update libsdl* reference

Abhijith PA gitlab at salsa.debian.org
Wed Mar 13 17:15:24 GMT 2019 

Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3140449 by Abhijith PA at 2019-03-13T17:14:35Z
data/CVE/list: update libsdl* reference

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4805,24 +4805,30 @@ CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3631
 CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3630
 CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499
+	NOTE: For 1.2 https://hg.libsdl.org/SDL/rev/19d8c3b9c251
+	NOTE: For libsdl2 https://hg.libsdl.org/SDL/rev/07c39cbbeacf
 CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3637
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3645
 CVE-2018-20764 (A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for ...)
 	NOT-FOR-US: BoKS
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1676393
@@ -4950,42 +4956,51 @@ CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
 CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
 CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490
+	NOTE: very similar bug to CVE-2019-7573, fix for CVE-2019-7573 is applicable to this
 CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4493
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
 CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4496
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
 CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4491
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
 CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has ...)
 	- libsdl1.2 <unfixed>
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4495
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
+	NOTE: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
 CVE-2019-7571
 	RESERVED
 CVE-2019-7570 (A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a31404493cee6ce805011d1a65aa301031e17980

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a31404493cee6ce805011d1a65aa301031e17980
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190313/9d44cf25/attachment.html>

More information about the debian-security-tracker-commits mailing list