SDL-1.2.15-15.el7

エラータID: AXSA:2019-4397:01

Release date: 
Sunday, December 8, 2019 - 17:18
Subject: 
SDL-1.2.15-15.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device.

Security Fix(es):

* SDL: CVE-2019-13616 not fixed in Asianux Server 7 erratum RHSA-2019:3950 (CVE-2019-14906)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-14906
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. SDL-1.2.15-15.el7.src.rpm
    MD5: 33bc5df9468e81ccde2950e8a35c0f33
    SHA-256: f2e9820ae025a13982074fafedf459120b95edd03df1079ef77922e10e6d681e
    Size: 3.40 MB

Asianux Server 7 for x86_64
  1. SDL-1.2.15-15.el7.x86_64.rpm
    MD5: b60eb22d2a0b167168f3c640d5e2c059
    SHA-256: 25fe9d42f19953ec3f321f8e7509dce14de9bcafeb7e1969c7d0b8bac3bb14a5
    Size: 203.71 kB
  2. SDL-devel-1.2.15-15.el7.x86_64.rpm
    MD5: ed05b8bda8d7610279d1165dcdea838f
    SHA-256: f4b2bd5f3e95d5e73f3ce55570e02834d9c0f0de2b00354740103a0b9cd89e5c
    Size: 354.02 kB
  3. SDL-1.2.15-15.el7.i686.rpm
    MD5: 5a305de8bff903c1a634020e1821c016
    SHA-256: 596d1fc4229d6bf39baac02b752180b664a58dbad889d535f6ad41210afbce0b
    Size: 211.24 kB
  4. SDL-devel-1.2.15-15.el7.i686.rpm
    MD5: 64b30ef1c405604868fa2439e29e765c
    SHA-256: faeb377f0ae4f1611ffd7312a2687f3fb102b36ac1143b329bea030cac8dedd4
    Size: 354.04 kB