Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 456
Alerts This Week
Warning Icon 1 456

Fedora 23: 2016-0de0e0ee0c Moderate: GD Out-Of-Bounds Access

fedora
Calendar Grey October 5, 2016
Dist Fedora Esm H88
Recent developments emphasize a critical fix for the curl package, addressing CVE-2017-7440 in Ubuntu 18.04. Users urged to update without delay.
Security fix for gd

Summary

The gd graphics library allows your code to quickly draw images

complete with lines, arcs, text, multiple colors, cut and paste from

other images, and flood fills, and to write out the result as a PNG or

JPEG file. This is particularly useful in Web applications, where PNG

and JPEG are two of the formats accepted for inline images by most

browsers. Note that gd is not a paint program.

Update Information:

Security fix for gd. ---- Security fix for CVE-2016-6161

Change Log

References


[ 1 ] Bug #1359777 - php,gd: Out-of-bounds access in output function in gd_gif_out.c https://bugzilla.redhat.com/show_bug.cgi?id=1359777 [ 2 ] Bug #1359800 - CVE-2016-6207 php,gd: Integer overflow error within _gdContributionsAlloc() https://bugzilla.redhat.com/show_bug.cgi?id=1359800 [ 3 ] Bug #1353550 - CVE-2016-6161 gd: Global out-of-bounds read when encoding gif from malformed gd2 input https://bugzilla.redhat.com/show_bug.cgi?id=1353550

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update gd' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: gd
Product: Fedora 23
Version: 2.1.1
Release: 10.fc23
Summary: A graphics library for quick creation of PNG or JPEG images

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.