[Git][security-tracker-team/security-tracker][master] CVE-2019-7572/libsdl{1.2,2}: add upstream patches

Thu Oct 10 16:09:31 BST 2019


Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
269f4823 by Hugo Lefeuvre at 2019-10-10T15:09:11Z
CVE-2019-7572/libsdl{1.2,2}: add upstream patches

Proposed patches have been merged. Warning: those are _SDL-1.2_
patches, not SDL-2...

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28993,8 +28993,10 @@ CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
 	[buster] - libsdl2 <no-dsa> (Minor issue)
 	[stretch] - libsdl2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4495
-	NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
-	NOTE: Proposed patch: https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
+	NOTE: https://hg.libsdl.org/SDL/rev/e52413f52586 (SDL-1.2)
+	NOTE: https://hg.libsdl.org/SDL/rev/a8afedbcaea0 (SDL-1.2)
+	NOTE: SDL2 was probably fixed during a refactoring, no targeted fix available:
+	NOTE: https://hg.libsdl.org/SDL/rev/b06fa7da012b (SDL-2)
 CVE-2019-7571
 	RESERVED
 CVE-2019-7570 (A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete user ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/269f482391ebc791014c63d915f175ca82c70cc6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/269f482391ebc791014c63d915f175ca82c70cc6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191010/8e2f6860/attachment-0001.html>
