SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-104

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-104

Security update for SDL2

Type: security

Severity: important

Issued: 2022-01-18

Description:

This update for SDL2 fixes the following issues:

- CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP (bsc#1181202).
- CVE-2020-14410: Fixed heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP (bsc#1181201).

References

Packages

SDL2-2.0.8-11.3.1