Ubuntu has issued an advisory on January 14: https://usn.ubuntu.com/4238-1/ These two issues don't appear to have been fixed in our previous update in Bug 25766. Mageia 7 would also be affected.
Whiteboard: (none) => MGA7TOO
When checking the list of patches from Ubuntu, I see no new patch for those issues so those CVEs are likely to be fixed by the patches we already have.
Yeah they may be combined into other patches. Do our patches actually match theirs (in content and not just name)?
Yes I also verified the content and we have the same patches as sdl-image1.2 version 1.2.12-12 from Debian, for which CVE-2019-5051 and CVE-2019-12216 are considered as fixed.
Thanks. *** This bug has been marked as a duplicate of bug 25766 ***
Resolution: (none) => DUPLICATEStatus: NEW => RESOLVED