[Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: add libsdl* and claim them

Hugo Lefeuvre hle at debian.org
Sat May 25 12:53:00 BST 2019 


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5518c72a by Hugo Lefeuvre at 2019-05-25T11:45:18Z
dla-needed: add libsdl* and claim them

- - - - -
39f9e891 by Hugo Lefeuvre at 2019-05-25T11:48:02Z
CVE-2019-12221: affects libsdl2-image, not libsdl2

see patch investigations and patch proposal on upstream bug report

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -249,7 +249,7 @@ CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer
 	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
 	[jessie] - libsdl1.2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628
-	TODO: check details and correct vulnerability location
+	NOTE: affects libsdl2-image/sdl-image1.2, not libsdl2/libsdl1.2
 CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
 	- libsdl2 <unfixed>
 	[stretch] - libsdl2 <no-dsa> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -61,6 +61,10 @@ libmatio (Adrian Bunk)
   NOTE: 20190428: older changes seem to also be required for them
   NOTE: 20190512: work is ongoing
 --
+libsdl1.2 (Hugo Lefeuvre)
+--
+libsdl2 (Hugo Lefeuvre)
+--
 linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4b9837b524d98cda7c0cd7af5095f8ca93fdd0fd...39f9e891a4b379ff02f679cdf34891fb93d68a55

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4b9837b524d98cda7c0cd7af5095f8ca93fdd0fd...39f9e891a4b379ff02f679cdf34891fb93d68a55
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190525/8dea6653/attachment.html>

More information about the debian-security-tracker-commits mailing list