7397 moderate openSUSE Leap 42.3 Update ports This update for SDL2 fixes the following issues: - CVE-2017-2888: An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability. (bsc#1062784) SDL2-2.0.3-14.1.src.rpm SDL2-debugsource-2.0.3-14.1.ppc64le.rpm libSDL2-2_0-0-2.0.3-14.1.ppc64le.rpm libSDL2-2_0-0-debuginfo-2.0.3-14.1.ppc64le.rpm libSDL2-devel-2.0.3-14.1.ppc64le.rpm SDL2-debugsource-2.0.3-14.1.aarch64.rpm libSDL2-2_0-0-2.0.3-14.1.aarch64.rpm libSDL2-2_0-0-64bit-2.0.3-14.1.aarch64_ilp32.rpm libSDL2-2_0-0-debuginfo-2.0.3-14.1.aarch64.rpm libSDL2-2_0-0-debuginfo-64bit-2.0.3-14.1.aarch64_ilp32.rpm libSDL2-devel-2.0.3-14.1.aarch64.rpm libSDL2-devel-64bit-2.0.3-14.1.aarch64_ilp32.rpm SDL2-debugsource-2.0.3-14.1.armv7hl.rpm libSDL2-2_0-0-2.0.3-14.1.armv7hl.rpm libSDL2-2_0-0-debuginfo-2.0.3-14.1.armv7hl.rpm libSDL2-devel-2.0.3-14.1.armv7hl.rpm