OESA-2021-1426

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1426
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2021-1426.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2021-1426
Upstream
Published
2021-11-12T11:03:20Z
Modified
2025-08-12T05:04:47.276032Z
Summary
SDL security update
Details

Simple DirectMedia Layer(SDL) is a cross-platform development library designed\ to provide low level access to audio, keyboard, mouse, joystick, and graphics\ hardware via OpenGL and Direct3D. It is used by video playback software, emulators,\ and popular games including Valve's award winning catalog and many Humble Bundle games.\

Security Fix(es):

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMAADPCMnibble in audio/SDL_wave.c.(CVE-2019-7572)

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDL_wave.c.(CVE-2019-7574)

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MSADPCMdecode in audio/SDL_wave.c.(CVE-2019-7575)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:20.03-LTS-SP1 / SDL

Package

Name
SDL
Purl
pkg:rpm/openEuler/SDL&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.15-39.oe1

Ecosystem specific 

{
    "src": [
        "SDL-1.2.15-39.oe1.src.rpm"
    ],
    "aarch64": [
        "SDL-debugsource-1.2.15-39.oe1.aarch64.rpm",
        "SDL-1.2.15-39.oe1.aarch64.rpm",
        "SDL-help-1.2.15-39.oe1.aarch64.rpm",
        "SDL-devel-1.2.15-39.oe1.aarch64.rpm",
        "SDL-debuginfo-1.2.15-39.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "SDL-help-1.2.15-39.oe1.x86_64.rpm",
        "SDL-devel-1.2.15-39.oe1.x86_64.rpm",
        "SDL-debuginfo-1.2.15-39.oe1.x86_64.rpm",
        "SDL-1.2.15-39.oe1.x86_64.rpm",
        "SDL-debugsource-1.2.15-39.oe1.x86_64.rpm"
    ]
}

openEuler:20.03-LTS-SP2 / SDL

Package

Name
SDL
Purl
pkg:rpm/openEuler/SDL&distro=openEuler-20.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.15-39.oe1

Ecosystem specific 

{
    "src": [
        "SDL-1.2.15-39.oe1.src.rpm"
    ],
    "aarch64": [
        "SDL-debugsource-1.2.15-39.oe1.aarch64.rpm",
        "SDL-devel-1.2.15-39.oe1.aarch64.rpm",
        "SDL-1.2.15-39.oe1.aarch64.rpm",
        "SDL-debuginfo-1.2.15-39.oe1.aarch64.rpm",
        "SDL-help-1.2.15-39.oe1.aarch64.rpm"
    ],
    "x86_64": [
        "SDL-devel-1.2.15-39.oe1.x86_64.rpm",
        "SDL-debuginfo-1.2.15-39.oe1.x86_64.rpm",
        "SDL-help-1.2.15-39.oe1.x86_64.rpm",
        "SDL-debugsource-1.2.15-39.oe1.x86_64.rpm",
        "SDL-1.2.15-39.oe1.x86_64.rpm"
    ]
}