[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2019-12221 affects libsdl2-image/sdl-image1.2, not libsdl2/libsdl1.2

Hi Salvatore,

> When the CVE first appeared it was not yet clear where exactly the
> vulnerabilities lie, thus we kept the TODO as per 
> TODO: check details and correct vulnerability location
> Now that you apparently found the root cause and followed up upstream
> in the bugzilla, right thing would be to replace the source package
> tracking entries to the correct source. 
> So basically replace tracking of slibsdl2 and libsdl1.2 with
> libsdl2-image and sdl-image1.2 instead.

I see that you already did it, thanks! :)


                Hugo Lefeuvre (hle)    |    www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C

Attachment: signature.asc
Description: PGP signature

Reply to: