Security Information / 2018 / Security Information -- DSA-4184-1 sdl-image1.2

Debian Security Advisory

DSA-4184-1 sdl-image1.2 -- security update

Date Reported:

28 Apr 2018

Affected Packages:

sdl-image1.2

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 878267.
In Mitre's CVE dictionary: CVE-2017-2887, CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839.

More information:

Multiple vulnerabilities have been discovered in the image loading library for Simple DirectMedia Layer 1.2, which could result in denial of service or the execution of arbitrary code if malformed image files are opened.

For the oldstable distribution (jessie), these problems have been fixed in version 1.2.12-5+deb8u1.

For the stable distribution (stretch), these problems have been fixed in version 1.2.12-5+deb9u1.

We recommend that you upgrade your sdl-image1.2 packages.

For the detailed security status of sdl-image1.2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/sdl-image1.2