[SECURITY] [DLA 1341-1] sdl-image1.2 security update

2018-04-06T22:29:38
ID DEBIAN:DLA-1341-1:F2215
Type debian
Reporter Debian
Modified 2018-04-06T22:29:38

Description

Package : sdl-image1.2 Version : 1.2.12-2+deb7u2 CVE ID : CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450

Lilith of Cisco Talos discovered several buffer overflow vulnerabilities in the SDL Image library which can be leveraged by attackers to execute arbitrary code via specially crafted image files.

For Debian 7 "Wheezy", these problems have been fixed in version 1.2.12-2+deb7u2.

We recommend that you upgrade your sdl-image1.2 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS