libsdl1.2 (1.2.15+dfsg2-8)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://salsa.debian.org/sdl-team/libsdl1.2.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 7032832
- Browser: https://salsa.debian.org/sdl-team/libsdl1.2
- Last scan: 2023-06-01 06:19:12+00
- Next scan: 2023-06-09 08:17:00+00
- Debian changelog in Git:
libsdl1.2 (1.2.15+dfsg2-8) unstable; urgency=medium
* Team upload
* d/p/SDL_x11yuv.c-fix-possible-use-after-free.patch:
Add patch from upstream to fix a use-after-free (CVE-2022-34568)
(Closes: #1016352)
* d/p/SDL_bmp.c-reject-bmp-files-with-zero-bpp.patch:
Add patch from upstream to reject .bmp files claiming to be 0 bits
per pixel.
This does not have a CVE ID, but seems like the sort of thing that
could cause denial of service via a crash or infinite loop.
* d/patches: Improve patch metadata by syncing with upstream commits.
In particular, various patches for audio- and image-related buffer
overflows are now correctly attributed to Petr Písař of Red Hat.
Some were split into commits differently upstream, so the patch filenames
do not correspond 1:1.
No functional changes, other than some ppc64le-specific code now being
correctly #ifdef'd out on other architectures.
* d/patches: Sort patch series with non-upstream patches last
-- Simon McVittie <smcv@debian.org> Mon, 01 Aug 2022 11:51:13 +0100
- This branch is even with tag debian/1.2.15+dfsg2-8