-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] gd (SSA:2018-108-01)
New gd packages are available for Slackware 14.2 and -current to
fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
This update fixes two security issues:
Double-free in gdImagePngPtr() (denial of service).
Buffer over-read into uninitialized memory (information leak).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:
MD5 signatures:
+-------------+
Slackware 14.2 package:
00f7ac709aebd7e2d83c106496a67503 gd-2.2.5-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
55090c6941dea831bdc6ad78d47055d9 gd-2.2.5-x86_64-1_slack14.2.txz
Slackware -current package:
c996a52a4eed3ccc5af79320d27ef9f8 l/gd-2.2.5-i586-1.txz
Slackware x86_64 -current package:
e9a5c2882717f1df8d25c7b1ae03ecb5 l/gd-2.2.5-x86_64-1.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg gd-2.2.5-i586-1_slack14.2.txz
+-----+
Slackware: 2018-108-01: gd Security Update
April 19, 2018
New gd packages are available for Slackware 14.2 and -current to fix security issues
Summary
Here are the details from the Slackware 14.2 ChangeLog: This update fixes two security issues: Double-free in gdImagePngPtr() (denial of service). Buffer over-read into uninitialized memory (information leak). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890 (* Security fix *)
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.2:
Updated package for Slackware x86_64 14.2:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:
MD5 Signatures
Slackware 14.2 package:
00f7ac709aebd7e2d83c106496a67503 gd-2.2.5-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
55090c6941dea831bdc6ad78d47055d9 gd-2.2.5-x86_64-1_slack14.2.txz
Slackware -current package:
c996a52a4eed3ccc5af79320d27ef9f8 l/gd-2.2.5-i586-1.txz
Slackware x86_64 -current package:
e9a5c2882717f1df8d25c7b1ae03ecb5 l/gd-2.2.5-x86_64-1.txz
Severity
[slackware-security] gd (SSA:2018-108-01)
New gd packages are available for Slackware 14.2 and -current to fix security issues.
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg gd-2.2.5-i586-1_slack14.2.txz
News
HOWTOs
Features
About Us
Powered By
