Joined: 12 May 2004
|Posted: Thu Mar 28, 2019 3:26 am Post subject: [ GLSA 201903-17 ] SDL2_Image
|Gentoo Linux Security Advisory
Title: SDL2_Image: Multiple vulnerabilities (GLSA 201903-17)
Exploitable: local, remote
Bug(s): #655226, #674132
Multiple vulnerabilities have been found in the image loading
for Simple DirectMedia Layer, the worst of which could result in the remote
execution of arbitrary code.
SDL_image is an image file library that loads images as SDL surfaces,
and supports various formats like BMP, GIF, JPEG, LBM, PCX, PNG, PNM,
TGA, TIFF, XCF, XPM, and XV.
Vulnerable: < 2.0.4
Unaffected: >= 2.0.4
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in SDL2_Image. Please
review the CVE identifiers referenced below for details.
A remote attacker, by enticing a user to process a specially crafted
image file, could execute arbitrary code, cause a Denial of Service
condition, or obtain sensitive information.
There is no known workaround at this time.
All SDL2_Image users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/sdl2-image-2.0.4"
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum