Bug#1016352: libsdl1.2: CVE-2022-34568
Moritz Mühlenhoff
jmm at inutil.org
Fri Jul 29 22:22:24 BST 2022
Source: libsdl1.2
X-Debbugs-CC: team at security.debian.org
Severity: important
Tags: security
Hi,
The following vulnerability was published for libsdl1.2.
CVE-2022-34568[0]:
| SDL v1.2 was discovered to contain a use-after-free via the XFree
| function at /src/video/x11/SDL_x11yuv.c.
https://github.com/libsdl-org/SDL-1.2/issues/863
https://github.com/libsdl-org/SDL-1.2/commit/d7e00208738a0bc6af302723fe64908ac35b777b
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-34568
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34568
Please adjust the affected versions in the BTS as needed.
More information about the Pkg-sdl-maintainers
mailing list