Overview

File _patchinfo of Package patchinfo.12372

<patchinfo incident="12372">
  <issue tracker="bnc" id="1141844">VUL-1: CVE-2019-13616: SDL,SDL2: through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.</issue>
  <issue tracker="bnc" id="1142031">VUL-0: CVE-2019-13626: SDL2: integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c leads to heap-based buffer over-read in Fill_IMA_ADPCM_block</issue>
  <issue tracker="cve" id="2019-13616"/>
  <issue tracker="cve" id="2019-13626"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>mgorse</packager>
  <description>This update for SDL2 fixes the following issues:

Security issues fixed:

- CVE-2019-13616: Fixed heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c (bsc#1141844).
- CVE-2019-13626: Fixed integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c (bsc#1142031).
</description>
  <summary>Security update for SDL2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places