- Sat Aug 31 2019 daviddavid <daviddavid> 1.2.15-19.2.mga6
+ Revision: 1435803
- add patch to fix CVE-2019-13616 (mga#25387)
+ akien
- Sync security patches with Fedora: Tue Mar 12 2019 Petr Pisar- 1.2.15-38
o Fix CVE-2019-7577 completely (a buffer overread in MS_ADPCM_nibble and
MS_ADPCM_decode on an invalid predictor) (bug #1676510)
o Fix CVE-2019-7577 (a buffer overread in MS_ADPCM_decode) (bug #1676510)
o Fix CVE-2019-7575 (a buffer overwrite in MS_ADPCM_decode) (bug #1676744)
o Fix CVE-2019-7574 (a buffer overread in IMA_ADPCM_decode) (bug #1676750)
o Fix CVE-2019-7572 (a buffer overread in IMA_ADPCM_nibble) (bug #1676754)
o Fix CVE-2019-7572 (a buffer overwrite in IMA_ADPCM_nibble) (bug #1676754)
o Fix CVE-2019-7573, CVE-2019-7576 (buffer overreads in InitMS_ADPCM)
(bugs #1676752, #1676756)
o Fix CVE-2019-7578 (a buffer overread in InitIMA_ADPCM) (bug #1676782)
o Fix CVE-2019-7638, CVE-2019-7636 (buffer overflows when processing BMP
images with too high number of colors) (bugs #1677144, #1677157)
o Fix CVE-2019-7637 (an integer overflow in SDL_CalculatePitch) (bug #1677152)
o Fix CVE-2019-7635 (a buffer overread when blitting a BMP image with pixel
colors out the palette) (bug #1677159)
o Reject 2, 3, 5, 6, 7-bpp BMP images (bug #1677159) - Wed Mar 1 2017 ghibo <ghibo> 1.2.15-19.mga6
+ Revision: 1088232
- Rebuilt against pulseaudio 10