Upstream information

CVE-2019-7572 at MITRE

Description

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

SUSE information

SUSE Bugzilla entry: 1124806 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12 SP3
  • SDL >= 1.2.15-15.11.1
  • libSDL-1_2-0 >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP3-2019-899
SUSE Linux Enterprise Desktop 12 SP4
  • SDL >= 1.2.15-15.11.1
  • libSDL-1_2-0 >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP4-2019-899
SUSE Linux Enterprise High Performance Computing 12 SP5
  • libSDL-1_2-0 >= 1.2.15-15.11.1
  • libSDL-1_2-0-32bit >= 1.2.15-15.11.1
Patchnames:
SUSE Linux Enterprise High Performance Computing 12 SP5 GA libSDL-1_2-0
SUSE Linux Enterprise Module for Desktop Applications 15
  • SDL >= 1.2.15-3.9.1
  • SDL2 >= 2.0.8-3.9.1
  • libSDL-1_2-0 >= 1.2.15-3.9.1
  • libSDL-devel >= 1.2.15-3.9.1
  • libSDL2-2_0-0 >= 2.0.8-3.9.1
  • libSDL2-devel >= 2.0.8-3.9.1
Patchnames:
SUSE-SLE-Module-Desktop-Applications-15-2019-917
SUSE-SLE-Module-Desktop-Applications-15-2019-950
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
  • libSDL-1_2-0 >= 1.2.15-3.9.1
  • libSDL-devel >= 1.2.15-3.9.1
  • libSDL2-2_0-0 >= 2.0.8-3.9.1
  • libSDL2-devel >= 2.0.8-3.9.1
Patchnames:
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 GA libSDL-1_2-0
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 GA libSDL2-2_0-0
SUSE Linux Enterprise Point of Sale 11 SP3
  • SDL >= 1.2.13-106.11.1
Patchnames:
sleposp3-SDL-13998
SUSE Linux Enterprise Server 11 SP4
  • SDL >= 1.2.13-106.11.1
  • SDL-32bit >= 1.2.13-106.11.1
  • SDL-x86 >= 1.2.13-106.11.1
Patchnames:
slessp4-SDL-13998
SUSE Linux Enterprise Server 12 SP3
  • SDL >= 1.2.15-15.11.1
  • libSDL-1_2-0 >= 1.2.15-15.11.1
  • libSDL-1_2-0-32bit >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-SERVER-12-SP3-2019-899
SUSE Linux Enterprise Server 12 SP4
  • SDL >= 1.2.15-15.11.1
  • libSDL-1_2-0 >= 1.2.15-15.11.1
  • libSDL-1_2-0-32bit >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-SERVER-12-SP4-2019-899
SUSE Linux Enterprise Server 12 SP5
  • libSDL-1_2-0 >= 1.2.15-15.11.1
  • libSDL-1_2-0-32bit >= 1.2.15-15.11.1
Patchnames:
SUSE Linux Enterprise Server 12 SP5 GA libSDL-1_2-0
SUSE Linux Enterprise Server for SAP Applications 11 SP4
  • SDL >= 1.2.13-106.11.1
  • SDL-32bit >= 1.2.13-106.11.1
  • SDL-x86 >= 1.2.13-106.11.1
Patchnames:
slessp4-SDL-13998
SUSE Linux Enterprise Server for SAP Applications 12 SP3
  • SDL >= 1.2.15-15.11.1
  • libSDL-1_2-0 >= 1.2.15-15.11.1
  • libSDL-1_2-0-32bit >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-SERVER-12-SP3-2019-899
SUSE Linux Enterprise Server for SAP Applications 12 SP4
  • SDL >= 1.2.15-15.11.1
  • libSDL-1_2-0 >= 1.2.15-15.11.1
  • libSDL-1_2-0-32bit >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-SERVER-12-SP4-2019-899
SUSE Linux Enterprise Software Development Kit 11 SP4
  • SDL >= 1.2.13-106.11.1
  • SDL-32bit >= 1.2.13-106.11.1
  • SDL-devel >= 1.2.13-106.11.1
  • SDL-devel-32bit >= 1.2.13-106.11.1
Patchnames:
sdksp4-SDL-13998
SUSE Linux Enterprise Software Development Kit 12 SP3
  • SDL >= 1.2.15-15.11.1
  • libSDL-devel >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-SDK-12-SP3-2019-899
SUSE Linux Enterprise Software Development Kit 12 SP4
  • SDL >= 1.2.15-15.11.1
  • libSDL-devel >= 1.2.15-15.11.1
Patchnames:
SUSE-SLE-SDK-12-SP4-2019-899
SUSE Linux Enterprise Software Development Kit 12 SP5
  • libSDL-devel >= 1.2.15-15.11.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP5 GA libSDL-devel
openSUSE Leap 15.0
  • SDL >= 1.2.15-lp150.2.3.1
  • SDL-debugsource >= 1.2.15-lp150.2.3.1
  • SDL2 >= 2.0.8-lp150.2.3.1
  • SDL2-debugsource >= 2.0.8-lp150.2.3.1
  • libSDL-1_2-0 >= 1.2.15-lp150.2.3.1
  • libSDL-1_2-0-32bit >= 1.2.15-lp150.2.3.1
  • libSDL-1_2-0-32bit-debuginfo >= 1.2.15-lp150.2.3.1
  • libSDL-1_2-0-debuginfo >= 1.2.15-lp150.2.3.1
  • libSDL-devel >= 1.2.15-lp150.2.3.1
  • libSDL-devel-32bit >= 1.2.15-lp150.2.3.1
  • libSDL2-2_0-0 >= 2.0.8-lp150.2.3.1
  • libSDL2-2_0-0-32bit >= 2.0.8-lp150.2.3.1
  • libSDL2-2_0-0-32bit-debuginfo >= 2.0.8-lp150.2.3.1
  • libSDL2-2_0-0-debuginfo >= 2.0.8-lp150.2.3.1
  • libSDL2-devel >= 2.0.8-lp150.2.3.1
  • libSDL2-devel-32bit >= 2.0.8-lp150.2.3.1
Patchnames:
openSUSE-2019-1223
openSUSE-2019-1261
openSUSE Leap 42.3
  • SDL >= 1.2.15-20.3.1
  • SDL-debugsource >= 1.2.15-20.3.1
  • libSDL-1_2-0 >= 1.2.15-20.3.1
  • libSDL-1_2-0-32bit >= 1.2.15-20.3.1
  • libSDL-1_2-0-debuginfo >= 1.2.15-20.3.1
  • libSDL-1_2-0-debuginfo-32bit >= 1.2.15-20.3.1
  • libSDL-devel >= 1.2.15-20.3.1
  • libSDL-devel-32bit >= 1.2.15-20.3.1
Patchnames:
openSUSE-2019-1213