PT-2019-20233 · Mageia · Mingw-Sdl2+1

Published

2019-09-06

Updated

2019-09-06

CVE-2010-13616

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Updated sdl2 packages fix security vulnerabilities

This release fixes various buffer overflows when parsing or processing damaged Waveform audio and BMP image files.

Fix CVE-2019-7572 (a buffer overread in IMA ADPCM nibble) (rhbz#1676754)
Fix CVE-2019-7572 (a buffer overwrite in IMA ADPCM nibble) (rhbz#1676754)
Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS ADPCM) (rhbz#1676752, rhbz#1676756)
Fix CVE-2019-7574 (a buffer overread in IMA ADPCM decode) (rhbz#1676750)
Fix CVE-2019-7575 (a buffer overwrite in MS ADPCM decode) (rhbz#1676744)
Fix CVE-2019-7577 (a buffer overread in MS ADPCM decode) (rhbz#1676510)
Fix CVE-2019-7578 (a buffer overread in InitIMA ADPCM) (rhbz#1676782)
Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel colors out the palette) (rhbz#1677159)
Fix CVE-2019-7636, CVE-2019-7638 (buffer overflows when processing BMP images with too high number of colors) (rhbz#1677144, rhbz#1677157)
Fix CVE-2019-7637 (an integer overflow in SDL CalculatePitch) (rhbz#1677152)
Reject 2, 3, 5, 6, 7-bpp BMP images (rhbz#1677159)
Fix CVE-2010-13616 (heap-based buffer over-read in BlitNtoN in video/SDL blit N.c when called from SDL SoftBlit in video/SDL blit.c)

The 2.0.10 release also provides various features and bug fixes.

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2010-13616

MGASA-2019-0239

Mingw-Sdl2

Sdl2