Updated SDL_image packages fix security vulnerability
Publication date: 06 Jun 2018Modification date: 06 Jun 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-12122 , CVE-2017-14440 , CVE-2017-14441 , CVE-2017-14442 , CVE-2017-14448 , CVE-2017-14450 , CVE-2018-3837 , CVE-2018-3838 , CVE-2018-3839
Description
Multiple vulnerabilities have been discovered in the image loading library
for Simple DirectMedia Layer 1.2, which could result in denial of service
or the execution of arbitrary code if malformed image files are opened
(CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442,
CVE-2017-14448, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838,
CVE-2018-3839).
References
- https://bugs.mageia.org/show_bug.cgi?id=22967
- https://www.debian.org/security/2018/dsa-4184
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12122
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14440
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14441
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14442
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14448
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14450
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3837
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3838
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3839
SRPMS
6/core
- SDL_image-1.2.12-9.2.mga6
5/core
- SDL_image-1.2.12-8.2.mga5