Summary: | <media-libs/sdl2-image-2.0.4: code execution in the XCF image rendering functionality (CVE-2018-3977) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | games |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
media-libs/sdl2-image-2.0.4
media-libs/sdl2-mixer-2.0.4
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2018-12-30 21:02:19 UTC
Added to an existing GLSA. @ Arches, please test and mark stable: =media-libs/sdl2-image-2.0.4 x86 stable amd64 stable oggh, sorry, autoclose @games, please clean. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6338bd985b7f559eaff8fab0de624ee4e777b943 commit 6338bd985b7f559eaff8fab0de624ee4e777b943 Author: James Le Cuirot <chewi@gentoo.org> AuthorDate: 2019-03-10 10:22:02 +0000 Commit: James Le Cuirot <chewi@gentoo.org> CommitDate: 2019-03-10 10:22:02 +0000 media-libs/sdl2-image: Drop old and vulnerable 2.0.3 Bug: https://bugs.gentoo.org/674132 Package-Manager: Portage-2.3.62, Repoman-2.3.12 Signed-off-by: James Le Cuirot <chewi@gentoo.org> media-libs/sdl2-image/Manifest | 1 - media-libs/sdl2-image/sdl2-image-2.0.3.ebuild | 61 --------------------------- 2 files changed, 62 deletions(-) This issue was resolved and addressed in GLSA 201903-17 at https://security.gentoo.org/glsa/201903-17 by GLSA coordinator Aaron Bauman (b-man). |