PT-2019-20233 · Mageia · Mingw-Sdl2+1

Publicado

2019-09-06

Atualizado

2019-09-06

CVE-2010-13616

Nenhuma

Não há classificações de severidade ou métricas disponíveis. Quando houver, atualizaremos as informações correspondentes na página.

Updated sdl2 packages fix security vulnerabilities

This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files.

Fix CVE-2019-7572 (a buffer overread in IMA ADPCM nibble) (rhbz#1676754)
Fix CVE-2019-7572 (a buffer overwrite in IMA ADPCM nibble) (rhbz#1676754)
Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS ADPCM) (rhbz#1676752, rhbz#1676756)
Fix CVE-2019-7574 (a buffer overread in IMA ADPCM decode) (rhbz#1676750)
Fix CVE-2019-7575 (a buffer overwrite in MS ADPCM decode) (rhbz#1676744)
Fix CVE-2019-7577 (a buffer overread in MS ADPCM decode) (rhbz#1676510)
Fix CVE-2019-7578 (a buffer overread in InitIMA ADPCM) (rhbz#1676782)
Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel colors out the palette) (rhbz#1677159)
Fix CVE-2019-7636, CVE-2019-7638 (buffer overflows when processing BMP images with too high number of colors) (rhbz#1677144, rhbz#1677157)
Fix CVE-2019-7637 (an integer overflow in SDL CalculatePitch) (rhbz#1677152)
Reject 2, 3, 5, 6, 7-bpp BMP images (rhbz#1677159)
Fix CVE-2010-13616 (heap-based buffer over-read in BlitNtoN in video/SDL blit N.c when called from SDL SoftBlit in video/SDL blit.c)

The 2.0.10 release also provides various features and bug fixes.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2010-13616

MGASA-2019-0239

Mingw-Sdl2

Sdl2