--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-20c3b6be2a
2018-05-27 20:11:43.790305
--------------------------------------------------------------------------------
Name : SDL2_mixer
Product : Fedora EPEL 7
Version : 2.0.2
Release : 2.el7
URL :
https://www.libsdl.org/projects/SDL_mixer/
Summary : Simple DirectMedia Layer - Sample Mixer Library
Description :
SDL_mixer is a sample multi-channel audio mixer library.
It supports any number of simultaneously playing channels of 16 bit stereo
audio, plus a single channel of music, mixed by the popular FLAC,
MikMod MOD, Timidity MIDI, Ogg Vorbis, and SMPEG MP3 libraries.
--------------------------------------------------------------------------------
Update Information:
SDL2 refresh for EPEL 7: update to latest upstream releases, fixing a number of
security issues, and enabling new features based on RHEL 7.5: wayland, vulkan,
etc.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1500453 - CVE-2017-2887 SDL_image: Multiple vulnerabilities [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1500453
[ 2 ] Bug #1552133 - CVE-2017-12122 SDL2_image: code execution in the ILBM image
rendering [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552133
[ 3 ] Bug #1552168 - CVE-2017-14441 SDL2_image: code execution vulnerability exists in
the ICO image rendering [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552168
[ 4 ] Bug #1552172 - CVE-2017-14440 SDL2_image: code execution in the ILBM image
rendering [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552172
[ 5 ] Bug #1552182 - CVE-2017-14449 SDL2_image: double-Free in the XCF image rendering
[epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552182
[ 6 ] Bug #1552186 - CVE-2017-14448 SDL2_image: code execution in the XCF image
rendering [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552186
[ 7 ] Bug #1552191 - CVE-2017-14450 SDL2_image: buffer overflow in the GIF image parsing
[epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552191
[ 8 ] Bug #1552197 - CVE-2017-14442 SDL2_image: code execution in the BMP image
rendering [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1552197
[ 9 ] Bug #1568145 - CVE-2018-3837 CVE-2018-3838 CVE-2018-3839 SDL2_image: various flaws
[epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1568145
[ 10 ] Bug #1500735 - CVE-2017-2888 SDL2: SDL: Integer overflow while creating a new RGB
surface [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1500735
[ 11 ] Bug #1524386 - SDL2 CMake files trigger CMP0004 policy failure (fixed in latest
Fedora packages)
https://bugzilla.redhat.com/show_bug.cgi?id=1524386
[ 12 ] Bug #1512015 - SDL2_mixer sources bundle smpeg2
https://bugzilla.redhat.com/show_bug.cgi?id=1512015
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update SDL2_mixer' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/...
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------