==========================================================================
Ubuntu Security Notice USN-4156-2
October 16, 2019
libsdl1.2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in SDL.
Software Description:
– libsdl1.2: Simple DirectMedia Layer debug files
Details:
USN-4156-1 fixed several vulnerabilities in SDL. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that SDL incorrectly handled certain images. If a user
were tricked into opening a crafted image file, a remote attacker could
use this issue to cause SDL to crash, resulting in a denial of service, or
possibly execute arbitary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 ESM:
libsdl1.2debian 1.2.15-8ubuntu1.1+esm1
Ubuntu 12.04 ESM:
libsdl1.2debian 1.2.14-6.4ubuntu3.2
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4156-2
https://usn.ubuntu.com/4156-1
CVE-2019-13616, CVE-2019-7572, CVE-2019-7573, CVE-2019-7574,
CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578,
CVE-2019-7635, CVE-2019-7636, CVE-2019-7637
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIcBAEBAgAGBQJdpzP+AAoJEEW851uECx9pmXYP/1Os5OQHpOItHKfsf2dGQv2N
2qKY21Vp19ZqCbgaVkT/dyQQeRnDu/f4wA/njJYq7fn6ZUzYGr9FJnFmrTIbU1sK
J4KkJs78GJN7smCi243i5n3mQdLnJncSI0HCvhxy3D7VSGVPVMTRLj7aQaE69ldN
UUAgUVA0zQIxlTezkQJhTHl8P5JQ5JPSiDO0U2p85nNDdi/jllqfZfbQdmbrAQ9L
cmGHlYL0ESKuw80UnDBcKYgbS8eZ4ip45f8jb74kAtUtMq+omKc3UY7NwwoyNC3T
ZgtW094rNuIh3TBkbrgpQJTLSbOrQAqTrDH5+y/7CYSJcEu+MMONgiPndvfOXkYC
IhzBDyfvvamKr4dowlCue6nWZEXujXJEMJ+qfqfEiZAYE9Xd2QHpXf178scF9Y0+
k1q22L788zTwYZKDR+rXysDBoDzieiq3W9HhUe6VtCad8Lykdu5SE3YVuRMUAMA+
brZ9ulFkNK30+QNhhRcrDkyAVQK5bMsQxJPvHZFrfGO8WZEhQaJK2iUKOGcUMHkL
sIsmHMfi8sadF+zDIHiBdOPwtoCHwH5taraO+tlkMyjIoSEw3P0XveUJsMfgqwv+
TLrW33+J6rsXCLMORVf4Hwq8k9U4I1xPHsP3NB6YN1jtuKYBHVDmSu67Qb5dbhJh
kmmOtdSKGz9Ymsp4HsMR
=xyz8
—–END PGP SIGNATURE—–
—