Package: libsdl2-image / 2.0.4+dfsg1-1+deb10u1

Metadata

Package Version Patches format
libsdl2-image 2.0.4+dfsg1-1+deb10u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
CVE 2019 12218.patch | (download)

IMG_pcx.c | 32 21 + 11 - 0 !
1 file changed, 21 insertions(+), 11 deletions(-)

 fix heap buffer overflow issue in img_pcx.c
 Issue known as TALOS-2019-0841, CVE-2019-12218.
CVE 2019 5052.patch | (download)

IMG_pcx.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix invalid data read on bpl == -1
 Issue known as TALOS-2019-0821, or CVE-2019-5052.
IMG_pcx out of bounds.patch | (download)

IMG_pcx.c | 23 14 + 9 - 0 !
1 file changed, 14 insertions(+), 9 deletions(-)

 fix multiple oob issues in img_pcx.c
 This patches addresses following issues: CVE-2019-12222, CVE-2019-12221,
 CVE-2019-12220, CVE-2019-12219 and CVE-2019-12217.
CVE 2019 7635.patch | (download)

IMG_bmp.c | 29 26 + 3 - 0 !
1 file changed, 26 insertions(+), 3 deletions(-)

 fix heap-buffer overflow in blit1to4 (img_bmp.c)
CVE 2019 5058.patch | (download)

IMG_xcf.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fixed talos-2019-0842 - xcf image code execution vulnerability
 This patch addresses a bug in a previous security patch for CVE-2018-3977.
 The initial patch failing to address this issue, the bug was "re-discovered"
 later and addressed CVE-2019-5058.