[Git][security-tracker-team/security-tracker][master] new sdl-image issue

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
169a6deb by Moritz Muehlenhoff at 2026-04-07T14:35:39+02:00
new sdl-image issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,7 +61,13 @@ CVE-2026-35449 (WWBN AVideo is an open source video platform. In versions 26.0 a
 CVE-2026-35448 (WWBN AVideo is an open source video platform. In versions 26.0 and pri ...)
 	NOT-FOR-US: WWBN AVideo
 CVE-2026-35444 (SDL_image is a library to load images of various formats as SDL surfac ...)
-	TODO: check
+	- libsdl3-image <unfixed>
+	- sdl-image1.2 <unfixed>
+	- libsdl2-image <unfixed>
+	NOTE: https://github.com/libsdl-org/SDL_image/security/advisories/GHSA-gq8w-x74c-h6p7
+	NOTE: https://github.com/libsdl-org/SDL_image/commit/996bf12888925932daace576e09c3053410896f8 (main)
+	NOTE: https://github.com/libsdl-org/SDL_image/commit/a1a06276a51ca7e6e63908b200df8a278d8c5039 (SDL2)
+	NOTE: https://github.com/libsdl-org/SDL_image/commit/678ac6a4c6021853485050926f45db08ba6aec48 (SDL-1.2)
 CVE-2026-35442 (Directus is a real-time API and App dashboard for managing SQL databas ...)
 	NOT-FOR-US: Directus
 CVE-2026-35441 (Directus is a real-time API and App dashboard for managing SQL databas ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/169a6deb01f709a63efc2516a0fad2d46cc536db

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/169a6deb01f709a63efc2516a0fad2d46cc536db
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260407/3fd1fc34/attachment.htm>