Fedora 28: SDL Security Update 2019-6092f8c0dc
Summary
Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed
to provide fast access to the graphics frame buffer and audio device.
This release fixes various buffer overflows when parsing or processing damaged
Waveform audio and BMP image files.
* Fri Feb 15 2019 Petr Pisar
- Fix CVE-2019-7577 (a buffer overread in MS_ADPCM_decode) (bug #1676510)
- Fix CVE-2019-7575 (a buffer overwrite in MS_ADPCM_decode) (bug #1676744)
- Fix CVE-2019-7574 (a buffer overread in IMA_ADPCM_decode) (bug #1676750)
- Fix CVE-2019-7572 (a buffer overread in IMA_ADPCM_nibble) (bug #1676754)
- Fix CVE-2019-7572 (a buffer overwrite in IMA_ADPCM_nibble) (bug #1676754)
- Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS_ADPCM)
(bugs #1676752, #1676756)
- Fix CVE-2019-7578 (a buffer overread in InitIMA_ADPCM) (bug #1676782)
- Fix CVE-2019-7638, CVE-2019-7636 (buffer overflows when processing BMP
images with too high number of colors) (bugs #1677144, #1677157)
- Fix CVE-2019-7637 (an integer overflow in SDL_CalculatePitch) (bug #1677152)
- Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel
colors out the palette) (bug #1677159)
- Reject 2, 3, 5, 6, 7-bpp BMP images (bug #1677159)
[ 1 ] Bug #1676509 - CVE-2019-7577 SDL: Buffer over-read in function SDL_LoadWAV_RW in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676509
[ 2 ] Bug #1676743 - CVE-2019-7575 SDL: Heap based buffer overflow in function MS_ADPCM_decode in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676743
[ 3 ] Bug #1676749 - CVE-2019-7574 SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676749
[ 4 ] Bug #1676753 - CVE-2019-7572 SDL: Buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676753
[ 5 ] Bug #1676751 - CVE-2019-7573 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676751
[ 6 ] Bug #1676755 - CVE-2019-7576 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676755
[ 7 ] Bug #1676781 - CVE-2019-7578 SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c
https://bugzilla.redhat.com/show_bug.cgi?id=1676781
[ 8 ] Bug #1677143 - CVE-2019-7638 SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c
https://bugzilla.redhat.com/show_bug.cgi?id=1677143
[ 9 ] Bug #1677156 - CVE-2019-7636 SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c
https://bugzilla.redhat.com/show_bug.cgi?id=1677156
[ 10 ] Bug #1677151 - CVE-2019-7637 SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c
https://bugzilla.redhat.com/show_bug.cgi?id=1677151
[ 11 ] Bug #1677158 - CVE-2019-7635 SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c
https://bugzilla.redhat.com/show_bug.cgi?id=1677158
su -c 'dnf upgrade --advisory FEDORA-2019-6092f8c0dc' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2019-6092f8c0dc 2019-03-02 01:20:05.967657 Product : Fedora 28 Version : 1.2.15 Release : 31.fc28 URL : http://www.libsdl.org/ Summary : A cross-platform multimedia library Description : Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files. * Fri Feb 15 2019 Petr Pisar - 1.2.15-31 - Fix CVE-2019-7577 (a buffer overread in MS_ADPCM_decode) (bug #1676510) - Fix CVE-2019-7575 (a buffer overwrite in MS_ADPCM_decode) (bug #1676744) - Fix CVE-2019-7574 (a buffer overread in IMA_ADPCM_decode) (bug #1676750) - Fix CVE-2019-7572 (a buffer overread in IMA_ADPCM_nibble) (bug #1676754) - Fix CVE-2019-7572 (a buffer overwrite in IMA_ADPCM_nibble) (bug #1676754) - Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS_ADPCM) (bugs #1676752, #1676756) - Fix CVE-2019-7578 (a buffer overread in InitIMA_ADPCM) (bug #1676782) - Fix CVE-2019-7638, CVE-2019-7636 (buffer overflows when processing BMP images with too high number of colors) (bugs #1677144, #1677157) - Fix CVE-2019-7637 (an integer overflow in SDL_CalculatePitch) (bug #1677152) - Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel colors out the palette) (bug #1677159) - Reject 2, 3, 5, 6, 7-bpp BMP images (bug #1677159) [ 1 ] Bug #1676509 - CVE-2019-7577 SDL: Buffer over-read in function SDL_LoadWAV_RW in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676509 [ 2 ] Bug #1676743 - CVE-2019-7575 SDL: Heap based buffer overflow in function MS_ADPCM_decode in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676743 [ 3 ] Bug #1676749 - CVE-2019-7574 SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676749 [ 4 ] Bug #1676753 - CVE-2019-7572 SDL: Buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676753 [ 5 ] Bug #1676751 - CVE-2019-7573 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676751 [ 6 ] Bug #1676755 - CVE-2019-7576 SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676755 [ 7 ] Bug #1676781 - CVE-2019-7578 SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c https://bugzilla.redhat.com/show_bug.cgi?id=1676781 [ 8 ] Bug #1677143 - CVE-2019-7638 SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c https://bugzilla.redhat.com/show_bug.cgi?id=1677143 [ 9 ] Bug #1677156 - CVE-2019-7636 SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c https://bugzilla.redhat.com/show_bug.cgi?id=1677156 [ 10 ] Bug #1677151 - CVE-2019-7637 SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c https://bugzilla.redhat.com/show_bug.cgi?id=1677151 [ 11 ] Bug #1677158 - CVE-2019-7635 SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c https://bugzilla.redhat.com/show_bug.cgi?id=1677158 su -c 'dnf upgrade --advisory FEDORA-2019-6092f8c0dc' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References