Updated SDL_image packages fix security vulnerability
Publication date: 06 Jun 2018Modification date: 06 Jun 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-12122 , CVE-2017-14440 , CVE-2017-14441 , CVE-2017-14442 , CVE-2017-14448 , CVE-2017-14450 , CVE-2018-3837 , CVE-2018-3838 , CVE-2018-3839
Description
Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened (CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839).
References
- https://bugs.mageia.org/show_bug.cgi?id=22967
- https://www.debian.org/security/2018/dsa-4184
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12122
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14440
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14441
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14442
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14448
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14450
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3837
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3838
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3839
SRPMS
5/core
- SDL_image-1.2.12-8.2.mga5
6/core
- SDL_image-1.2.12-9.2.mga6