Oval Definition:oval:org.opensuse.security:def:63897
Revision Date:2020-12-01Version:1
Title:Security update for SDL (Moderate)
Description:

This update for SDL fixes the following issues: Security issues fixed:

- CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806). - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099). - CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799). - CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805). - CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827). - CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826). - CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824). - CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803). - CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802). - CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825). - CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800).
Family:unixClass:patch
Status:Reference(s):1115375
1124799
1124800
1124802
1124803
1124805
1124806
1124824
1124825
1124826
1124827
1125099
1140461
1141780
1141781
1141782
1141783
1141784
1141785
1141787
1141788
1141789
1156275
1160968
1161168
1167890
1167976
1168026
1168930
1171740
1173986
1174420
1174633
1174635
1174638
1175193
1175194
1176756
1178666
1178667
1178668
CVE-2019-14869
CVE-2019-2745
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-2818
CVE-2019-2821
CVE-2019-7317
CVE-2019-7572
CVE-2019-7573
CVE-2019-7574
CVE-2019-7575
CVE-2019-7576
CVE-2019-7577
CVE-2019-7578
CVE-2019-7635
CVE-2019-7636
CVE-2019-7637
CVE-2019-7638
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-14349
CVE-2020-14350
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-25694
CVE-2020-25695
CVE-2020-25696
CVE-2020-2583
CVE-2020-2590
CVE-2020-2593
CVE-2020-2601
CVE-2020-2604
CVE-2020-2654
CVE-2020-2659
CVE-2020-5260
CVE-2020-6095
CVE-2020-8616
CVE-2020-8617
openSUSE-SU-2019:1916-1
openSUSE-SU-2019:2535-1
openSUSE-SU-2020:0535-1
openSUSE-SU-2020:1302-1
SUSE-SU-2019:0899-1
SUSE-SU-2020:0261-1
SUSE-SU-2020:0992-1
SUSE-SU-2020:1350-1
SUSE-SU-2020:3464-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • java-11-openjdk-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-accessibility-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-demo-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-devel-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-headless-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-javadoc-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-jmods-11.0.4.0-lp151.3.6 is installed
  • OR java-11-openjdk-src-11.0.4.0-lp151.3.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • xorg-x11-server-1.20.3-lp152.8.3 is installed
  • OR xorg-x11-server-extra-1.20.3-lp152.8.3 is installed
  • OR xorg-x11-server-sdk-1.20.3-lp152.8.3 is installed
  • OR xorg-x11-server-source-1.20.3-lp152.8.3 is installed
  • OR xorg-x11-server-wayland-1.20.3-lp152.8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • SDL-1.2.15-15.11 is installed
  • OR libSDL-1_2-0-1.2.15-15.11 is installed
  • OR libSDL-1_2-0-32bit-1.2.15-15.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-78.3.0-112.22 is installed
  • OR MozillaFirefox-devel-78.3.0-112.22 is installed
  • OR MozillaFirefox-translations-common-78.3.0-112.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • postgresql10-10.15-4.9 is installed
  • OR postgresql10-contrib-10.15-4.9 is installed
  • OR postgresql10-docs-10.15-4.9 is installed
  • OR postgresql10-plperl-10.15-4.9 is installed
  • OR postgresql10-plpython-10.15-4.9 is installed
  • OR postgresql10-pltcl-10.15-4.9 is installed
  • OR postgresql10-server-10.15-4.9 is installed
    • BACK