Synopsis: Moderate: SDL security update Advisory ID: SLSA-2020:3868-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2019-7572 CVE-2019-7574 CVE-2019-7578 CVE-2019-7635 CVE-2019-7577 CVE-2019-7576 CVE-2019-7637 CVE-2019-7636 CVE-2019-7573 CVE-2019-7638 CVE-2019-7575 -- Security Fix(es): * SDL: buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c (CVE-2019-7572) * SDL: heap-based buffer overflow in function MS_ADPCM_decode in audio/SDL_wave.c (CVE-2019-7575) * SDL: heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (CVE-2019-7636) * SDL: heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c (CVE-2019-7637) * SDL: heap-based buffer over-read in Map1toN in video/SDL_pixels.c (CVE-2019-7638) * SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (CVE-2019-7573) * SDL: heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (CVE-2019-7574) * SDL: heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (CVE-2019-7576) * SDL: buffer over-read in function SDL_LoadWAV_RW in audio/SDL_wave.c (CVE-2019-7577) * SDL: heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (CVE-2019-7578) * SDL: heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c (CVE-2019-7635) -- SL7 x86_64 SDL-devel-1.2.15-17.el7.x86_64.rpm SDL-1.2.15-17.el7.i686.rpm SDL-devel-1.2.15-17.el7.i686.rpm SDL-1.2.15-17.el7.x86_64.rpm SDL-debuginfo-1.2.15-17.el7.i686.rpm SDL-debuginfo-1.2.15-17.el7.x86_64.rpm SDL-static-1.2.15-17.el7.i686.rpm SDL-static-1.2.15-17.el7.x86_64.rpm - Scientific Linux Development Team