|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-482-1 (libgd2)



From:
    	      Chris Lamb <lamby@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 482-1] libgd2 security update 


Date:
    	      Thu, 19 May 2016 18:58:42 +0100


Message-ID:
    	      <1463680722.2785251.612896609.253651E9@webmail.messagingengine.com>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libgd2
Version        : 2.0.36~rc1~dfsg-6.1+deb7u3
CVE ID         : CVE-2015-8874
Debian Bug     : 824627

It was discovered that there was a stack consumption vulnerability
in the libgd2 graphics library which allowed remote attackers to
cause a denial of service via a crafted imagefilltoborder call.

For Debian 7 "Wheezy", this issue has been fixed in libgd2 version
2.0.36~rc1~dfsg-6.1+deb7u3.

We recommend that you upgrade your libgd2 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXPf6vAAoJEB6VPifUMR5Y1u8QAKXepRtMRM35NAKt1WrMHc+q
wkqqKgRKCJwfC6svrHZnt9Qx1JidyYW7RjKD4jfBKvWumQrwGnSIMEeL4O0wzdCv
5VSvvlT4xjhSMDa29IKdGsK/qCJNYHxVxookkE1DY6aN3UoSkKISGT2rmypbGDGQ
P9QKYimVR3j3H+QAQw47HN5kbY192xTLYo38AYB2woVWnglDsUlEaXi0jRBLn4kp
6R/+7cBwnjrupwadfz2CfO8L8C0MctJEqOk2jcqcxXeZL/bgwH4KEhA9dUHJ5AAZ
DIb0qC2+Xt36R3i/sXYKrm0p0lK0at7CJbvTT5SBqApDkSvoLzRTgYXOqXzvI2ZG
58nDfMyCEnyqsiIxfjhVLjzU9WEhCRCiL3/ZwkpLtUp+P0cQeNilCjSsp2YWmgRh
Owqz3bKe7aOnDzzLoHoK0NUY60toRNKpeRO79QEM4+eLjaz3vha8Vf3CVgj1tOv6
adyqL/V4/WxTQKtotiefdhmVaXs0jSn3OXcsK7ljcmtT7nWHZ4hJzkZXm0EMgEMd
w2jLPjgylxBAyJzQGj9GZf325CAxZLFEXOrFHNaEruYrWd7BOiUNHQ9aEv3YyiN1
x0QeV1NP1jSJrcPbFMywUH68cQ9POOpPz8Yqz+obAdGK3M/iI1s2KGa1+xP4qE2c
PL3UNu+acaO9NPWOZYb3
=LqdG
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds