Security Information / 2018 / Security Information -- DSA-4177-1 libsdl2-image

Debian Security Advisory

DSA-4177-1 libsdl2-image -- security update

Date Reported:

20 Apr 2018

Affected Packages:

libsdl2-image

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2017-2887, CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14449, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839.

More information:

Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened.

For the oldstable distribution (jessie), these problems have been fixed in version 2.0.0+dfsg-3+deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 2.0.1+dfsg-2+deb9u1.

We recommend that you upgrade your libsdl2-image packages.

For the detailed security status of libsdl2-image please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libsdl2-image