Debian Security Advisory
DSA-4177-1 libsdl2-image -- security update
- Date Reported:
- 20 Apr 2018
- Affected Packages:
- libsdl2-image
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-2887, CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14449, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839.
- More information:
-
Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened.
For the oldstable distribution (jessie), these problems have been fixed in version 2.0.0+dfsg-3+deb8u1.
For the stable distribution (stretch), these problems have been fixed in version 2.0.1+dfsg-2+deb9u1.
We recommend that you upgrade your libsdl2-image packages.
For the detailed security status of libsdl2-image please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libsdl2-image