USN-4156-2: SDL vulnerabilities
16 October 2019
Several security issues were fixed in SDL.
Releases
Packages
- libsdl1.2 - Simple DirectMedia Layer debug files
Details
USN-4156-1 fixed several vulnerabilities in SDL. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that SDL incorrectly handled certain images. If a user
were tricked into opening a crafted image file, a remote attacker could
use this issue to cause SDL to crash, resulting in a denial of service, or
possibly execute arbitary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04
Ubuntu 12.04
In general, a standard system update will make all the necessary changes.
Related notices
- USN-4156-1: libsdl1.2debian, libsdl1.2-dev, libsdl1.2
- USN-4238-1: libsdl-image1.2, sdl-image1.2, libsdl-image1.2-dev
- USN-4143-1: libsdl2, libsdl2-2.0-0, libsdl2-doc, libsdl2-dev