Bug#912618: libsdl2-image: CVE-2018-3977: do_layer_surface code execution vulnerability
Chris Lamb
lamby at debian.org
Sun Nov 4 14:44:36 GMT 2018
Hi SDL maintainers & security team,
> libsdl2-image: CVE-2018-3977: do_layer_surface code execution
> vulnerability
The attached patches apply cleanly to jessie, stretch and sid
respectfully. (Looks like they reformatted their code later on.)
I am happy to upload handle jessie, but I can also work on the
stable/sid releases too if you wish; please let me know.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby at debian.org / chris-lamb.co.uk
`-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2018-3977_stretch.patch
Type: text/x-patch
Size: 435 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-sdl-maintainers/attachments/20181104/0b9359de/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2018-3977_sid.patch
Type: text/x-patch
Size: 534 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-sdl-maintainers/attachments/20181104/0b9359de/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2018-3977_jessie.patch
Type: text/x-patch
Size: 435 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-sdl-maintainers/attachments/20181104/0b9359de/attachment-0005.bin>
More information about the Pkg-sdl-maintainers
mailing list