An issue has been found in libsdl1.2, a library for portable low level access to a video framebuffer, audio output, mouse, and keyboard. It is related to an heap-based buffer over-read, resulting in a DoS by using a crafted BMP file.
For Debian 8 jessie, these problems have been fixed in version 1.2.15-10+deb8u3.
We recommend that you upgrade your libsdl1.2 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/