USN-4156-2: SDL vulnerabilities

16 October 2019

Several security issues were fixed in SDL.

Releases

Packages

  • libsdl1.2 - Simple DirectMedia Layer debug files

Details

USN-4156-1 fixed several vulnerabilities in SDL. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that SDL incorrectly handled certain images. If a user
were tricked into opening a crafted image file, a remote attacker could
use this issue to cause SDL to crash, resulting in a denial of service, or
possibly execute arbitary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04
Ubuntu 12.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-4143-1: libsdl2-dev, libsdl2, libsdl2-doc, libsdl2-2.0-0
  • USN-4156-1: libsdl1.2-dev, libsdl1.2debian, libsdl1.2
  • USN-4238-1: libsdl-image1.2, sdl-image1.2, libsdl-image1.2-dev