File _patchinfo of Package patchinfo.22370
<patchinfo incident="22370">
<issue tracker="bnc" id="1181201">VUL-0: CVE-2020-14410: SDL,SDL2: heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP</issue>
<issue tracker="bnc" id="1181202">VUL-0: CVE-2020-14409: SDL2,SDL: Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP</issue>
<issue tracker="cve" id="2020-14409"/>
<issue tracker="cve" id="2020-14410"/>
<packager>mgorse</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for SDL2</summary>
<description>This update for SDL2 fixes the following issues:
- CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP (bsc#1181202).
- CVE-2020-14410: Fixed heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP (bsc#1181201).
</description>
</patchinfo>