Bug#933147: buster-pu: package libsdl2-image/2.0.4+dfsg1+deb10u1

To: Hugo Lefeuvre <hle@debian.org>, 933147@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#933147: buster-pu: package libsdl2-image/2.0.4+dfsg1+deb10u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 4 Aug 2019 21:12:21 +0200
Message-id: <[🔎] 20190804191221.GA7160@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 933147@bugs.debian.org
In-reply-to: <20190726215313.GA5531@behemoth.owl.eu.com.local>
References: <20190726215313.GA5531@behemoth.owl.eu.com.local> <20190726215313.GA5531@behemoth.owl.eu.com.local>

Hi Hugo,

Maybe I'm missing something but but please double check. Can it be
that the stretch-pu upload contains the fix
https://hg.libsdl.org/SDL_image/rev/b1a80aec2b10 for TALOS-2019-0842
but the buster-pu one missed it? (Note this has a new CVE assigned
CVE-2019-5058, the change afaics is included in your stretch-pu
debdiff, is this right? but not in the buster-pu one?)

Would be great if you can re-check if the above is correct.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Bug#933147: buster-pu: package libsdl2-image/2.0.4+dfsg1+deb10u1
  - From: Hugo Lefeuvre <hle@debian.org>

Prev by Date: NEW changes in stable-new
Next by Date: Bug#933379: backup-manager 0.7.14-1+deb10u1 flagged for acceptance
Previous by thread: Bug#932945: buster-pu: package passwordsafe/1.06+dfsg-1
Next by thread: Bug#933147: buster-pu: package libsdl2-image/2.0.4+dfsg1+deb10u1
Index(es):
- Date
- Thread