[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 482-1] libgd2 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libgd2
Version        : 2.0.36~rc1~dfsg-6.1+deb7u3
CVE ID         : CVE-2015-8874
Debian Bug     : 824627

It was discovered that there was a stack consumption vulnerability
in the libgd2 graphics library which allowed remote attackers to
cause a denial of service via a crafted imagefilltoborder call.

For Debian 7 "Wheezy", this issue has been fixed in libgd2 version
2.0.36~rc1~dfsg-6.1+deb7u3.

We recommend that you upgrade your libgd2 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXPf6vAAoJEB6VPifUMR5Y1u8QAKXepRtMRM35NAKt1WrMHc+q
wkqqKgRKCJwfC6svrHZnt9Qx1JidyYW7RjKD4jfBKvWumQrwGnSIMEeL4O0wzdCv
5VSvvlT4xjhSMDa29IKdGsK/qCJNYHxVxookkE1DY6aN3UoSkKISGT2rmypbGDGQ
P9QKYimVR3j3H+QAQw47HN5kbY192xTLYo38AYB2woVWnglDsUlEaXi0jRBLn4kp
6R/+7cBwnjrupwadfz2CfO8L8C0MctJEqOk2jcqcxXeZL/bgwH4KEhA9dUHJ5AAZ
DIb0qC2+Xt36R3i/sXYKrm0p0lK0at7CJbvTT5SBqApDkSvoLzRTgYXOqXzvI2ZG
58nDfMyCEnyqsiIxfjhVLjzU9WEhCRCiL3/ZwkpLtUp+P0cQeNilCjSsp2YWmgRh
Owqz3bKe7aOnDzzLoHoK0NUY60toRNKpeRO79QEM4+eLjaz3vha8Vf3CVgj1tOv6
adyqL/V4/WxTQKtotiefdhmVaXs0jSn3OXcsK7ljcmtT7nWHZ4hJzkZXm0EMgEMd
w2jLPjgylxBAyJzQGj9GZf325CAxZLFEXOrFHNaEruYrWd7BOiUNHQ9aEv3YyiN1
x0QeV1NP1jSJrcPbFMywUH68cQ9POOpPz8Yqz+obAdGK3M/iI1s2KGa1+xP4qE2c
PL3UNu+acaO9NPWOZYb3
=LqdG
-----END PGP SIGNATURE-----


Reply to: