Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Fedora 42 SDL2_sound Important DoS Fix 2026-bfa5bd0004 CVE-2025-14369

fedora
Calendar Grey March 14, 2026
Dist Fedora Esm H88
Addressing CVE-2025-14369 in SDL2_sound boosts the security of the Fedora 42 operating system for better protection and stability
Latest upstream snapshot from stable-2.0 branch

Summary

SDL_sound is a library that handles the decoding of several popular sound

file formats, such as .WAV and .OGG. It is meant to make the programmer's

sound playback tasks simpler. The programmer gives SDL_sound a filename,

or feeds it data directly from one of many sources, and then reads the

decoded waveform data back at her leisure. If resource constraints are a

concern, SDL_sound can process sound data in programmer-specified blocks.

Alternately, SDL_sound can decode a whole sound file and hand back a

single pointer to the whole waveform. SDL_sound can also handle sample

rate, audio format, and channel conversion on-the-fly and

behind-the-scenes, if the programmer desires.

Update Information:

Latest upstream snapshot from stable-2.0 branch. Fixes CVE-2025-14369 in bundled dr_flac.

Topics%20covered

Topics Covered

security advisory denial of service fedora important SDL2_sound

Change Log

* Thu Mar 5 2026 Dominik Mierzejewski - 2.0.5^20260117git1be041b-1 - update to 20260117 snapshot from stable-2.0 branch - fixes CVE-2025-14369 (resolves rhbz#2431177) - fixes rpmbuild -bi --short-circuit * Fri Jan 16 2026 Fedora Release Engineering - 2.0.4-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2.0.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 31 2025 Benjamin A. Beasley - 2.0.4-5 - Go back to bundling dr_flac and dr_mp3, since it is not straightforward to patch for the current releases * Wed Jul 23 2025 Fedora Release Engineering - 2.0.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Mon Mar 24 2025 Tim Landscheidt - 2.0.4-3 - Fix documentation for devel subpackage

References


[ 1 ] Bug #2431177 - CVE-2025-14369 SDL2_sound: dr_flac: Denial of Service via integer overflow in FLAC metadata [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431177

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-bfa5bd0004' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: SDL2_sound
Product: Fedora 42
Version: 2.0.5^20260117git1be041b
Release: 1.fc42
URL: http://www.icculus.org/SDL_sound
Summary: An abstract soundfile decoder library

Topics%20covered

Topics Covered

security advisory denial of service fedora important SDL2_sound

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here