- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2803-1                [email protected]
https://www.debian.org/lts/security/                          Adrian Bunk
October 31, 2021                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libsdl2
Version        : 2.0.5+dfsg1-2+deb9u2
CVE ID         : CVE-2017-2888 CVE-2019-7637
Debian Bug     : 878264

A vulnerability has been fixed in libsdl2, the newer version of the 
Simple DirectMedia Layer library that provides low level access to 
audio, keyboard, mouse, joystick, and graphics hardware.


    Potential overflow in surface allocation was fixed.

For Debian 9 stretch, these problems have been fixed in version

We recommend that you upgrade your libsdl2 packages.

For the detailed security status of libsdl2 please refer to
its security tracker page at:

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS