Ubuntu 14.04 ESM USN-4316-2 Critical: libgd2 Denial Of Service
ubuntu
April 2, 2020
Several security issues were fixed in GD Graphics Library.
Summary
Several security issues were fixed in GD Graphics Library.
Software Description:
- libgd2: Open source code library for the dynamic creation of images
Details:
USN-4316-1 fixed a vulnerability in GD Graphics Library. This update
provides
the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that GD Graphics Library incorrectly handled cloning an
image. An attacker could possibly use this issue to cause GD Graphics
Library
to crash, resulting in a denial of service. (CVE-2018-14553)
It was discovered that GD Graphics Library incorrectly handled loading
images
from X bitmap format files. An attacker could possibly use this issue to
cause
GD Graphics Library to crash, resulting in a denial of service, or to
disclose
contents of the stack that has been left there by previous code.
(CVE-2019-11038)
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libgd-tools 2.1.0-3ubuntu0.11+esm1 libgd3 2.1.0-3ubuntu0.11+esm1 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-4316-2
https://ubuntu.com/security/notices/USN-4316-1
CVE-2018-14553, CVE-2019-11038
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
April 02, 2020
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!