[SECURITY] Fedora 7 Update: SDL_image-1.2.5-7.fc7
updates at fedoraproject.org
updates at fedoraproject.org
Sat Feb 2 08:59:33 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-1231
2008-02-02 00:55:11
--------------------------------------------------------------------------------
Name : SDL_image
Product : Fedora 7
Version : 1.2.5
Release : 7.fc7
URL : http://www.libsdl.org/projects/SDL_image/
Summary : Image loading library for SDL
Description :
Simple DirectMedia Layer (SDL) is a cross-platform multimedia library
designed to provide fast access to the graphics frame buffer and audio
device. This package contains a simple library for loading images of
various formats (BMP, PPM, PCX, GIF, JPEG, PNG) as SDL surfaces.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 29 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-7
- Add patch to fix ILBM image buffer overflow. (#430693)
* Thu Jan 24 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-6
- Add patch to fix buffer-overflow. (#430100)
* Sun Aug 5 2007 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-5
- Update license tag.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #430693 - SDL_image: ILBM image handlig buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=430693
[ 2 ] Bug #430100 - SDL_image / gd: GIF handling buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=430100
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update SDL_image' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list