SDL-1.2.15-15.el7
エラータID: AXSA:2019-4397:01
リリース日:
2019/12/08 Sunday - 17:18
題名:
SDL-1.2.15-15.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- SDLには、SDL_SoftBlit関数から呼ばれるとき、BlitNtoN関数がヒープベースの
バッファオーバーリードをしてしまう脆弱性があります。(CVE-2019-13616)
- 現時点では CVE-2019-14906 の情報が公開されておりません。
CVE の情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-13616
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-14906
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
追加情報:
N/A
ダウンロード:
SRPMS
- SDL-1.2.15-15.el7.src.rpm
MD5: 33bc5df9468e81ccde2950e8a35c0f33
SHA-256: f2e9820ae025a13982074fafedf459120b95edd03df1079ef77922e10e6d681e
Size: 3.40 MB
Asianux Server 7 for x86_64
- SDL-1.2.15-15.el7.x86_64.rpm
MD5: b60eb22d2a0b167168f3c640d5e2c059
SHA-256: 25fe9d42f19953ec3f321f8e7509dce14de9bcafeb7e1969c7d0b8bac3bb14a5
Size: 203.71 kB - SDL-devel-1.2.15-15.el7.x86_64.rpm
MD5: ed05b8bda8d7610279d1165dcdea838f
SHA-256: f4b2bd5f3e95d5e73f3ce55570e02834d9c0f0de2b00354740103a0b9cd89e5c
Size: 354.02 kB - SDL-1.2.15-15.el7.i686.rpm
MD5: 5a305de8bff903c1a634020e1821c016
SHA-256: 596d1fc4229d6bf39baac02b752180b664a58dbad889d535f6ad41210afbce0b
Size: 211.24 kB - SDL-devel-1.2.15-15.el7.i686.rpm
MD5: 64b30ef1c405604868fa2439e29e765c
SHA-256: faeb377f0ae4f1611ffd7312a2687f3fb102b36ac1143b329bea030cac8dedd4
Size: 354.04 kB