[ MDVSA-2015:153 ] libgd

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:153
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libgd
 Date    : March 29, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated libgd packages fix security vulnerabilities:
 
 The gdImageCreateFromXpm function in gdxpm.c in the gd image library
 allows remote attackers to cause a denial of service (NULL pointer
 dereference and application crash) via a crafted color table in an
 XPM file (CVE-2014-2497).
 
 A buffer read overflow in gd_gif_in.c (bug php#68601, referenced in
 the PHP 5.5.21 ChangeLog) has been fixed in the libgd package.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/
