Fedora 26 SDL2 Security Advisory: Integer Overflow and New Functions

Simple DirectMedia Layer (SDL) is a cross-platform multimedia library designed

to provide fast access to the graphics frame buffer and audio device.

- Added audio stream conversion functions: - `SDL_NewAudioStream()` -`SDL_AudioStreamPut()` - `SDL_AudioStreamGet()` -`SDL_AudioStreamAvailable()` - `SDL_AudioStreamFlush()` -`SDL_AudioStreamClear()` - `SDL_FreeAudioStream()` - Added functions to

query and set the SDL memory allocation functions: -`SDL_GetMemoryFunctions()` - `SDL_SetMemoryFunctions()` -`SDL_GetNumAllocations()` - Added locking functions for multi-threaded access to

the joystick and game controller APIs: - `SDL_LockJoysticks()` -`SDL_UnlockJoysticks()` - The following functions are now thread-safe: -`SDL_SetEventFilter()` - `SDL_GetEventFilter()` - `SDL_AddEventWatch()`

- `SDL_DelEventWatch()` ---- Fix CVE-2017-2888

[ 1 ] Bug #1500734 - CVE-2017-2888 SDL2: SDL: Integer overflow while creating a new RGB surface [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1500734

su -c 'dnf upgrade SDL2' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org