Package: sdl-image1.2 / 1.2.12-5+deb8u1

Metadata

Package Version Patches format
sdl-image1.2 1.2.12-5+deb8u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
CVE 2017 2887.patch | (download)

IMG_xcf.c | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

---
CVE 2017 12122 1.patch | (download)

IMG_lbm.c | 8 4 + 4 - 0 !
1 file changed, 4 insertions(+), 4 deletions(-)

 lbm: use correct variable to check color planes.
CVE 2017 12122 2.patch | (download)

IMG_lbm.c | 6 6 + 0 - 0 !
1 file changed, 6 insertions(+)

 lbm: fail to load images with unsupported/bogus color depth.
CVE 2017 14440.patch | (download)

IMG_lbm.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 lbm: don't overflow static colormap buffer.
CVE 2017 14441.patch | (download)

IMG_bmp.c | 8 8 + 0 - 0 !
1 file changed, 8 insertions(+)

 ico: reject obviously incorrect image sizes.
CVE 2017 14442.patch | (download)

IMG_bmp.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 bmp: don't overflow palette buffer with bogus biclrused values.
CVE 2017 14448.patch | (download)

IMG_xcf.c | 17 17 + 0 - 0 !
1 file changed, 17 insertions(+)

 xcf: deal with bogus data in rle tile decoding.
CVE 2017 14450.patch | (download)

IMG_gif.c | 6 4 + 2 - 0 !
1 file changed, 4 insertions(+), 2 deletions(-)

 gif: report error on bogus lwz data, instead of overflowing a buffer.
CVE 2018 3837.patch | (download)

IMG_pcx.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 pcx: don't overflow buffer if bytes-per-line is less than image width.
CVE 2018 3838.patch | (download)

IMG_xcf.c | 14 14 + 0 - 0 !
1 file changed, 14 insertions(+)

 xcf: prevent infinite loop and/or buffer overflow on bogus data.
CVE 2018 3839.patch | (download)

IMG_xcf.c | 12 12 + 0 - 0 !
1 file changed, 12 insertions(+)

 xcf: check for some potential integer overflows.