Debian Package Tracker

general

source: libsdl1.2 (main)
version: 1.2.15+dfsg2-5
maintainer: Debian SDL packages maintainers (archive) (DMD)
uploaders: Manuel A. Fernandez Montecelo [DMD] – Felix Geyer [DMD]
arch: any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.2.15-10
o-o-sec: 1.2.15-10+deb8u2
oldstable: 1.2.15+dfsg1-4
stable: 1.2.15+dfsg2-4
testing: 1.2.15+dfsg2-5
unstable: 1.2.15+dfsg2-5

versioned links

1.2.15-10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.15-10+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.15+dfsg1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.15+dfsg2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.2.15+dfsg2-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libsdl1.2-dev (4 bugs: 0, 4, 0, 0)
libsdl1.2debian (15 bugs: 0, 12, 3, 0)

action needed

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2020-06-28 Last update: 2020-08-09 12:01

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.2.15+dfsg2-6, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 5491c7a5df5b10ff6bf233f337fd93dccd35930a
Merge: edb9f43 66b9287
Author: Felix Geyer <fgeyer@debian.org>
Date:   Fri Apr 24 14:15:54 2020 +0000

    Merge branch 'lintian-fixes' into 'master'
    
    Fix some issues reported by lintian
    
    See merge request sdl-team/libsdl1.2!1

commit 66b9287391be49b27ef35a6bb2fba439b643575d
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Thu Oct 24 09:14:35 2019 +0000

    Re-export upstream signing key without extra signatures.
    
    Fixes lintian: public-upstream-key-not-minimal
    See https://lintian.debian.org/tags/public-upstream-key-not-minimal.html for more details.

commit 4af6fdbeb36e4190ef0c433f1036bef57119ddcf
Author: Debian Janitor <janitor@jelmer.uk>
Date:   Thu Oct 24 09:14:17 2019 +0000

    Trim trailing whitespace.
    
    Fixes lintian: file-contains-trailing-whitespace
    See https://lintian.debian.org/tags/file-contains-trailing-whitespace.html for more details.

Created: 2020-04-24 Last update: 2020-08-04 02:35

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-07-29 12:32

12 ignored security issues in stretch low

There are 12 open security issues in stretch.

12 issues skipped by the security teams:

CVE-2019-13616: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.

Please fix them.

Created: 2019-02-07 Last update: 2020-08-07 06:08

12 ignored security issues in buster low

There are 12 open security issues in buster.

12 issues skipped by the security teams:

CVE-2019-13616: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.

Please fix them.

Created: 2019-02-07 Last update: 2020-08-07 06:08

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2020-01-21 05:06

news

[rss feed]

[2019-10-14] Accepted libsdl1.2 1.2.15-10+deb8u2 (source amd64) into oldoldstable (Hugo Lefeuvre)
[2019-09-23] libsdl1.2 1.2.15+dfsg2-5 MIGRATED to testing (Debian testing watch)
[2019-09-17] Accepted libsdl1.2 1.2.15+dfsg2-5 (source) into unstable (Felix Geyer)
[2019-03-13] Accepted libsdl1.2 1.2.15-10+deb8u1 (source amd64) into oldstable (Abhijith PA)
[2018-10-30] libsdl1.2 1.2.15+dfsg2-4 MIGRATED to testing (Debian testing watch)
[2018-10-25] libsdl1.2 1.2.15+dfsg2-3 MIGRATED to testing (Debian testing watch)
[2018-10-25] Accepted libsdl1.2 1.2.15+dfsg2-4 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2018-10-20] Accepted libsdl1.2 1.2.15+dfsg2-3 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2018-09-20] libsdl1.2 1.2.15+dfsg2-2 MIGRATED to testing (Debian testing watch)
[2018-09-14] Accepted libsdl1.2 1.2.15+dfsg2-2 (source) into unstable (Gianfranco Costamagna)
[2018-06-05] libsdl1.2 1.2.15+dfsg2-1 MIGRATED to testing (Debian testing watch)
[2018-05-30] Accepted libsdl1.2 1.2.15+dfsg2-1 (source) into unstable (Gianfranco Costamagna)
[2017-07-28] libsdl1.2 1.2.15+dfsg2-0.1 MIGRATED to testing (Debian testing watch)
[2017-07-23] Accepted libsdl1.2 1.2.15+dfsg2-0.1 (source) into unstable (Jonas Smedegaard)
[2016-03-22] libsdl1.2 1.2.15+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2016-03-21] libsdl1.2 1.2.15+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2016-03-20] libsdl1.2 1.2.15+dfsg1-4 MIGRATED to testing (Debian testing watch)
[2016-03-17] libsdl1.2 1.2.15+dfsg1-3 MIGRATED to testing (Debian testing watch)
[2016-03-17] Accepted libsdl1.2 1.2.15+dfsg1-4 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2016-03-12] Accepted libsdl1.2 1.2.15+dfsg1-3 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2016-02-27] libsdl1.2 1.2.15+dfsg1-2 MIGRATED to testing (Debian testing watch)
[2016-02-21] Accepted libsdl1.2 1.2.15+dfsg1-2 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2015-11-06] libsdl1.2 1.2.15-12 MIGRATED to testing (Britney)
[2015-10-31] Accepted libsdl1.2 1.2.15-12 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2015-05-03] libsdl1.2 1.2.15-11 MIGRATED to testing (Britney)
[2015-04-27] Accepted libsdl1.2 1.2.15-11 (source amd64) into unstable (Manuel A. Fernandez Montecelo)
[2015-04-20] Accepted libsdl1.2 1.2.14-6.1+build1 (source amd64) into squeeze-lts (Raphaël Hertzog)
[2014-07-06] libsdl1.2 1.2.15-10 MIGRATED to testing (Britney)
[2014-06-30] Accepted libsdl1.2 1.2.15-10 (source amd64) (Felix Geyer)
[2014-03-14] libsdl1.2 1.2.15-9 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 20 23
RC: 0
I&N: 18 20
M&W: 2 3
F&P: 0
patch: 2

links

homepage
lintian (0, 4)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.2.15+dfsg2-5
28 bugs (5 patches)