Security update for SDL2_image
This update for SDL2_image fixes the following issues:
Security issues fixed:
- CVE-2018-3839: Fixed an exploitable code execution vulnerability that existed in the XCF image rendering functionality of the Simple DirectMedia Layer (bsc#1089087).
- CVE-2018-3977: Fixed a possible code execution via creafted XCF image that could have caused a heap overflow (bsc#1114519).
-
Submitted by
Jan Engelhardt (jengelh)
Fixed bugs
bnc#1089087
VUL-0: CVE-2018-3839: SDL_image,SDL2_image: An exploitable code execution vulnerability exists in the XCF image renderingfunctionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially craftedXCF image can cause an out-of-bounds write on the
bnc#1114519
VUL-0: CVE-2018-3977: SDL_image,SDL2_image: XCF image can cause a heap overflow, resulting in code execution
