File _patchinfo of Package patchinfo.10453

<patchinfo incident="10453">
  <issue tracker="bnc" id="1124806">VUL-1: CVE-2019-7572: SDL,SDL2: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.</issue>
  <issue tracker="bnc" id="1124799">VUL-1: CVE-2019-7576: SDL,SDL2: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop)</issue>
  <issue tracker="bnc" id="1124803">VUL-1: CVE-2019-7574: SDL,SDL2: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c</issue>
  <issue tracker="bnc" id="1124802">VUL-0: CVE-2019-7575: SDL,SDL2: heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c</issue>
  <issue tracker="bnc" id="1124827">VUL-1: CVE-2019-7635: SDL,SDL2: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c</issue>
  <issue tracker="bnc" id="1124800">VUL-1: CVE-2019-7577: SDL,SDL2: buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.</issue>
  <issue tracker="bnc" id="1124826">VUL-1: CVE-2019-7636: SDL,SDL2: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c</issue>
  <issue tracker="bnc" id="1124805">VUL-1: CVE-2019-7573: SDL,SDL2: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop)</issue>
  <issue tracker="bnc" id="1125099">VUL-1: CVE-2019-7578: SDL,SDL2: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c</issue>
  <issue tracker="bnc" id="1124825">VUL-0: CVE-2019-7637: SDL,SDL2: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c</issue>
  <issue tracker="bnc" id="1124824">VUL-1: CVE-2019-7638: SDL,SDL2: heap-based buffer over-read in Map1toN in video/SDL_pixels.c</issue>
  <issue tracker="cve" id="2019-7573"/>
  <issue tracker="cve" id="2019-7572"/>
  <issue tracker="cve" id="2019-7575"/>
  <issue tracker="cve" id="2019-7574"/>
  <issue tracker="cve" id="2019-7577"/>
  <issue tracker="cve" id="2019-7576"/>
  <issue tracker="cve" id="2019-7578"/>
  <issue tracker="cve" id="2019-7636"/>
  <issue tracker="cve" id="2019-7638"/>
  <issue tracker="cve" id="2019-7635"/>
  <issue tracker="cve" id="2019-7637"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>zhengqiang</packager>
  <description>This update for SDL2 fixes the following issues:

Security issues fixed:

- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806).
- CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099).
- CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799).
- CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805).
- CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827).
- CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826).
- CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824).
- CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803).
- CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802).
- CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825).
- CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).
</description>
  <summary>Security update for SDL2</summary>
</patchinfo>