Security update for SDL2, SDL2_image
This update for SDL2 and SDL2_image fixes the following issues:
- CVE-2017-14441: Code execution in the ICO image rendering (bsc#1084282).
- CVE-2017-14440: Potential code execution in the ILBM image rendering functionality (bsc#1084257).
- CVE-2017-12122: Potential code execution in the ILBM image rendering fuctionality (bsc#1084256).
- CVE-2017-14448: Heap buffer overflow in the XCF image rendering functionality (bsc#1084303).
- CVE-2017-14449: Double-Free in the XCF image rendering (bsc#1084297).
- CVE-2017-14442: Stack buffer overflow the BMP image rendering functionality (bsc#1084304).
- CVE-2017-14450: Buffer overflow in the GIF image parsing (bsc#1084288).
Bug fixes:
- boo#1025413: Add dbus-ime.diff and build with fcitx.
-
Submitted by
Jan Engelhardt (jengelh)
Fixed bugs
bnc#1025413
games/SDL2: Needs build with fcitx support
bnc#1084282
VUL-0: CVE-2017-14441: SDL_image, SDL2_image: code execution in the ICO image rendering
bnc#1084257
VUL-0: CVE-2017-14440: SDL_image, SDL2_image: Potential code execution in the ILBM image rendering functionality
bnc#1084256
VUL-0: CVE-2017-12122: SDL_image, SDL2_image: Potential code execution in the ILBM image rendering fuctionality
bnc#1084303
VUL-0: CVE-2017-14448: SDL_image, SDL2_image: Heap buffer overflow in the XCF image rendering functionality
bnc#1084297
VUL-1: CVE-2017-14449: SDL2_image: double-Free in the XCF image rendering
bnc#1084304
VUL-0: CVE-2017-14442: SDL_image, SDL2_image: Stack buffer overflow the BMP image rendering functionality
bnc#1084288
VUL-0: CVE-2017-14450: SDL_image, SDL2_image: Buffer overflow in the GIF image parsing
