Test Kennung:	1.3.6.1.4.1.25623.1.0.852428
Kategorie:	SuSE Local Security Checks
Titel:	openSUSE: Security Advisory for SDL (openSUSE-SU-2019:1213-1)
Zusammenfassung:	The remote host is missing an update for the 'SDL'; package(s) announced via the openSUSE-SU-2019:1213-1 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'SDL' package(s) announced via the openSUSE-SU-2019:1213-1 advisory. Vulnerability Insight: This update for SDL fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.(bsc#1124806). - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099). - CVE-2019-7576: Fixed heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124799). - CVE-2019-7573: Fixed a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (bsc#1124805). - CVE-2019-7635: Fixed a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c. (bsc#1124827). - CVE-2019-7636: Fixed a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c (bsc#1124826). - CVE-2019-7638: Fixed a heap-based buffer over-read in Map1toN in video/SDL_pixels.c (bsc#1124824). - CVE-2019-7574: Fixed a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c (bsc#1124803). - CVE-2019-7575: Fixed a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c (bsc#1124802). - CVE-2019-7637: Fixed a heap-based buffer overflow in SDL_FillRect function in SDL_surface.c (bsc#1124825). - CVE-2019-7577: Fixed a buffer over read in SDL_LoadWAV_RW in audio/SDL_wave.c (bsc#1124800). This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1213=1 Affected Software/OS: 'SDL' package(s) on openSUSE Leap 42.3. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-7572 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZO47LLKKRXKMUGSRCFNHSTHG5OEBYCG/ https://security.gentoo.org/glsa/201909-07 https://bugzilla.libsdl.org/show_bug.cgi?id=4495 https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720 https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html https://lists.debian.org/debian-lts-announce/2019/10/msg00020.html https://lists.debian.org/debian-lts-announce/2019/10/msg00021.html SuSE Security Announcement: openSUSE-SU-2019:1213 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00063.html SuSE Security Announcement: openSUSE-SU-2019:1223 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00073.html SuSE Security Announcement: openSUSE-SU-2019:1261 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00088.html https://usn.ubuntu.com/4156-1/ https://usn.ubuntu.com/4156-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-7573 https://bugzilla.libsdl.org/show_bug.cgi?id=4491 Common Vulnerability Exposure (CVE) ID: CVE-2019-7574 https://bugzilla.libsdl.org/show_bug.cgi?id=4496 Common Vulnerability Exposure (CVE) ID: CVE-2019-7575 https://bugzilla.libsdl.org/show_bug.cgi?id=4493 https://lists.debian.org/debian-lts-announce/2021/01/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2019-7576 https://bugzilla.libsdl.org/show_bug.cgi?id=4490 Common Vulnerability Exposure (CVE) ID: CVE-2019-7577 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MD6EIV2CS6QNDU3UN2RVXPQOFQNHXCP7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFYUCO6D5APPM7IOZ5WOCYVY4DKSXFKD/ https://bugzilla.libsdl.org/show_bug.cgi?id=4492 Common Vulnerability Exposure (CVE) ID: CVE-2019-7578 https://bugzilla.libsdl.org/show_bug.cgi?id=4494 Common Vulnerability Exposure (CVE) ID: CVE-2019-7635 https://bugzilla.libsdl.org/show_bug.cgi?id=4498 https://lists.debian.org/debian-lts-announce/2019/07/msg00021.html https://lists.debian.org/debian-lts-announce/2019/07/msg00026.html SuSE Security Announcement: openSUSE-SU-2019:2071 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html SuSE Security Announcement: openSUSE-SU-2019:2109 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html https://usn.ubuntu.com/4143-1/ https://usn.ubuntu.com/4238-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-7636 https://bugzilla.libsdl.org/show_bug.cgi?id=4499 Common Vulnerability Exposure (CVE) ID: CVE-2019-7637 https://bugzilla.libsdl.org/show_bug.cgi?id=4497 SuSE Security Announcement: openSUSE-SU-2019:1632 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00081.html SuSE Security Announcement: openSUSE-SU-2019:1633 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00071.html Common Vulnerability Exposure (CVE) ID: CVE-2019-7638 https://bugzilla.libsdl.org/show_bug.cgi?id=4500
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.