ELA-520-1 libsdl1.2 security update

heap-based buffer over-read

2021-11-21
Packagelibsdl1.2
Version1.2.15-10+deb8u3
Related CVEs CVE-2019-13616

An issue has been found in libsdl1.2, a library for portable low level access to a video framebuffer, audio output, mouse, and keyboard. It is related to an heap-based buffer over-read, resulting in a DoS by using a crafted BMP file.

For Debian 8 jessie, these problems have been fixed in version 1.2.15-10+deb8u3.

We recommend that you upgrade your libsdl1.2 packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/