Debian Quality Assurance

libsdl1.2 (1.2.15+dfsg2-8) [PTS] [DDPO]

OK: VCS matches the version in the archive

• Git: https://salsa.debian.org/sdl-team/libsdl1.2.git
• JSON
  Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
  For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
  The next upload will reset the information from the source package headers.
• Branch: master
• Path: debian/changelog
• Browser: https://salsa.debian.org/sdl-team/libsdl1.2
• Last scan: 2022-12-08 11:44:15+00
• Next scan: 2022-12-16 10:36:00+00
• Debian changelog in Git:

  libsdl1.2 (1.2.15+dfsg2-8) unstable; urgency=medium
  
    * Team upload
    * d/p/SDL_x11yuv.c-fix-possible-use-after-free.patch:
      Add patch from upstream to fix a use-after-free (CVE-2022-34568)
      (Closes: #1016352)
    * d/p/SDL_bmp.c-reject-bmp-files-with-zero-bpp.patch:
      Add patch from upstream to reject .bmp files claiming to be 0 bits
      per pixel.
      This does not have a CVE ID, but seems like the sort of thing that
      could cause denial of service via a crash or infinite loop.
    * d/patches: Improve patch metadata by syncing with upstream commits.
      In particular, various patches for audio- and image-related buffer
      overflows are now correctly attributed to Petr Písař of Red Hat.
      Some were split into commits differently upstream, so the patch filenames
      do not correspond 1:1.
      No functional changes, other than some ppc64le-specific code now being
      correctly #ifdef'd out on other architectures.
    * d/patches: Sort patch series with non-upstream patches last
  
   -- Simon McVittie <smcv@debian.org>  Mon, 01 Aug 2022 11:51:13 +0100

• This branch is even with tag debian/1.2.15+dfsg2-8

Package: JSON [Main page]

---

Back to the Debian Project homepage.

---