==========================================================================
Ubuntu Security Notice USN-4238-1
January 14, 2020
sdl-image1.2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in SDL_image.
Software Description:
– sdl-image1.2: Image loading library for Simple DirectMedia Layer 1.2
Details:
It was discovered that SDL_image incorrectly handled certain image files. An
attacker could possibly use this issue to cause a denial of service or other
unspecified impact.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libsdl-image1.2 1.2.12-8ubuntu0.1
Ubuntu 16.04 LTS:
libsdl-image1.2 1.2.12-5+deb9u1ubuntu0.16.04.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4238-1
CVE-2018-3977, CVE-2019-12216, CVE-2019-12217, CVE-2019-12218,
CVE-2019-12219, CVE-2019-12220, CVE-2019-12221, CVE-2019-12222,
CVE-2019-13616, CVE-2019-5051, CVE-2019-5052, CVE-2019-7635
Package Information:
https://launchpad.net/ubuntu/+source/sdl-image1.2/1.2.12-8ubuntu0.1
https://launchpad.net/ubuntu/+source/sdl-image1.2/1.2.12-5+deb9u1ubuntu0.16.04.1
—–BEGIN PGP SIGNATURE—–
iQIzBAABCgAdFiEECtyyz6azUy6AZBzSkGeI6zGnN/8FAl4d3OgACgkQkGeI6zGn
N/8ftg//TlQK5ebf4zvcvDFcW2Ml+7SBM6Rc23BTbczJYPwmIdLIONJlFBgsm+nT
F8hzHK4VIoAqy/n2Oe2Nk6PpfoxvsNgJvq+V4LpXDHeYsP5WFPZb9U42ysA/1/oK
JrF89d+HOhVGUCv2nX0XM0NHsgFpjVd+hhufOB5Gs+XoZqMH8DE3c6MsaEzEBnKF
GhoOHmrs7n5uBorDzBErwBoG92zHNnER4lwCrGI1Xs0H5lBUsfOY3IBtf4jQkay4
tTyrKAWSxc3gV2rwesgsks0Ctc6/V47Ov42lTcl6kEEI4RI4us0rtBVqALN86eSf
DEDumGEaY6G0cKsdwRcNwPUbXq/kZWtUNzZQe9RvrRDeGxzOnQ8SNPhpJAALT0zz
d7jht5dQ+bBMYjWzHq0ip5wxTu+9fBMm3PuS4pHnJndsBriCXf4O3XYjdPQx1iR9
2+lga9evW3qqPrjBUUSKJhkNHZv3HYO/drhaZzKqiHC5qtLpfq8C7V5W7r6gleMO
nTLUUf2TH6+HtFM63VLTyMfMtsPwWCfzx0kUlh92xNkQbEYRnmdQTvp4oqSkH5Eq
2UiGCsRAWDfdcyAzMiKYauiqr3hMRVi/Js5p80Uf3/cRB/wKPwL5bARCobofoV3/
wo4cX8FXhwKG+/LgMIOe74V6xchwuj/xpnfRcz8b1hbv7B2XOB4=
=KEr5
—–END PGP SIGNATURE—–
—