Re: libsdl2 patches cause regressions in Jessie

To: Avital Ostromich <avital.ostromich@canonical.com>
Cc: debian-lts@lists.debian.org
Subject: Re: libsdl2 patches cause regressions in Jessie
From: Hugo Lefeuvre <hle@debian.org>
Date: Mon, 7 Oct 2019 22:32:11 +0200
Message-id: <[🔎] 20191007203211.os7ubyxxnje7ufgh@behemoth.owl.eu.com.local>
In-reply-to: <[🔎] CADRr2ieyiuCg67raUrZ47_1TpmjPo4Z1+exDkHfSdD7Csq53Tw@mail.gmail.com>
References: <[🔎] CADRr2ieyiuCg67raUrZ47_1TpmjPo4Z1+exDkHfSdD7Csq53Tw@mail.gmail.com>

Hi,

> If my understanding is correct, some patches in libsdl2
> (2.0.2+dfsg1-6+deb8u1) as applied in Jessie cause issues because they were
> intended for libsdl1.2, not libsdl2.
> The patch for CVE-2019-7637 causes regressions (more info here
> <https://bugzilla.novell.com/show_bug.cgi?id=1124825>), the commit here
> <https://hg.libsdl.org/SDL/rev/81a4950907a0> fixes the CVE.
> The patch for CVEs CVE-2019-7635, CVE-2019-7638 and CVE-2019-7636 has
> unreachable code. The commit here
> <https://hg.libsdl.org/SDL/rev/7c643f1c1887> fixes CVE-2019-7635 and the
> commit here <https://hg.libsdl.org/SDL/rev/07c39cbbeacf> fixes CVEs
> CVE-2019-7638 and CVE-2019-7636.

This looks like a regression, indeed. I will provide a regression update
as soon as possible.

regards,
Hugo

-- 
                Hugo Lefeuvre (hle)    |    www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: libsdl2 patches cause regressions in Jessie
  - From: Hugo Lefeuvre <hle@debian.org>

References:
- libsdl2 patches cause regressions in Jessie
  - From: Avital Ostromich <avital.ostromich@canonical.com>

Prev by Date: libsdl2 patches cause regressions in Jessie
Next by Date: Re: libsdl2 patches cause regressions in Jessie
Previous by thread: libsdl2 patches cause regressions in Jessie
Next by thread: Re: libsdl2 patches cause regressions in Jessie
Index(es):
- Date
- Thread