[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

CVE-2019-12221 affects libsdl2-image/sdl-image1.2, not libsdl2/libsdl1.2


I investigated CVE-2019-12221[0] and found out that the issue lies in the
libsdl2-image/sdl-image1.2 codebase, not libsdl2/libsdl1.2.

I have temporarily added a NOTE to the tracker because I was not sure of
how to handle this[1]. Should I simply replace

[stretch] - libsdl2 <no-dsa>


[stretch] - libsdl2-image <no-dsa>

and same for libsdl1.2?


[0] https://bugzilla.libsdl.org/show_bug.cgi?id=4628
[1] https://salsa.debian.org/security-tracker-team/security-tracker/commit/39f9e891a4b37

                Hugo Lefeuvre (hle)    |    www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C

Attachment: signature.asc
Description: PGP signature

Reply to: