[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 665-1] libgd2 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libgd2
Version        : 2.0.36~rc1~dfsg-6.1+deb7u6
CVE ID         : CVE-2016-6911 CVE-2016-8670

CVE-2016-6911
     invalid read in gdImageCreateFromTiffPtr()
     (most of the code is not present in the Wheezy version)

CVE-2016-8670:
     Stack Buffer Overflow in GD dynamicGetbuf

For Debian 7 "Wheezy", these problems have been fixed in version
2.0.36~rc1~dfsg-6.1+deb7u6.

We recommend that you upgrade your libgd2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJYBoahXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHSqkQAISpL4C2gRsIh2CK2dQ9uGcp
e8UgX0OygQN2Hbd7hzj0DQ2uMhAjFukNKpDkPFM0LWm8XKjqm3THyA7Mdax5Ktqw
nxTQmMP7K54ghguJ53O3BXVkIk8xV/a7tLvhvc4mzOI4rIbFbLfGDd8fY1h3ClSJ
VYiv7VPgNs7+5NSEmt8NQvODiyIsmPh7Z2pH8M4pQJtCjishuZdyganMw96DwlTx
JPa0z1KIbcuLJgE9tZR3Is0XClYWdrY0C0D2cWriuFOf/UYhWuprwXc2HSzZuRQe
Ma0gf1a/ypv9xudA+9cz6DR3nWAGWys1WOUk3DCZ289kW6LfPOKRiov/aJqCoeJj
wEK87wXISdwkySFjwU/tS3n9Y/46Jcq0hHR0/1hK/o6TAwbTlRCYXrbAe0zZtuGq
GScrznNMBx1Ogy+wFf0dOEDyCAwLEdIcwXQj8sJHryG4AD+RoZTYU/O5Fk4UoPE9
FPDEdk/HccUx8Y4oqo7HhnHRxtGMafFt0dwW85iD4kw7AGBghPkIXgT1/9wjqk6q
IKdcT5UTjLJCZ6e4m6/Zmve5AWkBwg86CXV4vF+5nTwWcIbmbxANM6B7tK1N+LvP
Q/IJ4dAho9N6fefpgRRMfLCEypOkvOWWPnSYzJqQb8WeztVi98AHcj3/WBxQKnLE
zCBrPFU+uWLUoKBEKi26
=ZipH
-----END PGP SIGNATURE-----


Reply to: