Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorybuffer overflowFedora

Fedora 31 Security Advisory: gd Library Buffer Overflow and Free Error

fixed multiple security bugs. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-7a06c0e6b4 2019-11-18 22:47:05.646015 --------------------------------------------------------------------------------Name : gd Product : Fedora 31 Version : 2.2.5 Release : 10.fc31 URL : https://libgd.github.io/ Summary : A graphics library for quick creation of PNG or JPEG images Description : The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. --------------------------------------------------------------------------------Update Information: fixed multiple security bugs --------------------------------------------------------------------------------ChangeLog: * Fri Nov 1 2019 This email address is being protected from spambots. You need JavaScript enabled to view it. - 2.2.5-10 - Fixed heap based buffer overflow in gd_color_match.c:gdImageColorMatch() in libgd as used in imagecolormatch() - Resolves: RHBZ#1678104 (CVE-2019-6977) - Fixed potential double-free in gdImage*Ptr() - Resolves: RHBZ#1671391 (CVE-2019-6978) --------------------------------------------------------------------------------References: [ 1 ] Bug #1672210 - CVE-2019-6977 gd: heap based buffer overflow in gd_color_match.c:gdImageColorMatch() in libgd as used in imagecolormatch() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672210 [ 2 ] Bug #1671391 - CVE-2019-6978 gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671391 --------------------------------------------------------------------------------This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade --advisory FEDORA-2019-7a06c0e6b4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Improvements addressing several vulnerabilities in Fedora's libgd library offer essential patches for secure image manipulation.. Fedora Security,gd bug fixes,gd library updates. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 18, 2019 Important Fedora
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderate severityheap overflow

openSUSE Leap 42.3: 2019:1140-1 Moderate: GD Buffer Overflow Fix

An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for gd ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1140-1 Rating: moderate References: #1123361 #1123522 Cross-References: CVE-2019-6977 CVE-2019-6978 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for gd fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function (bsc#1123361). - CVE-2019-6978: Fixed a double free in the gdImage*Ptr() functions (bsc#1123522). This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1140=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): gd-2.1.0-30.1 gd-debuginfo-2.1.0-30.1 gd-debugsource-2.1.0-30.1 gd-devel-2.1.0-30.1 - openSUSE Leap 42.3 (x86_64): gd-32bit-2.1.0-30.1 gd-debuginfo-32bit-2.1.0-30.1 References: https://www.suse.com/security/cve/CVE-2019-6977.html https://www.suse.com/security/cve/CVE-2019-6978.html https://bugzilla.suse.com/1123361 https://bugzilla.suse.com/1123522 -- . This patch resolves significant vulnerabilities within the GD Library on openSUSE, focusing on heap overflow exploits and memory handling improvements.. openSUSE Security Update, gd library, patch instructions, heap overflow fix. . LinuxSecurity.com Team

Calendar 2 Apr 04, 2019 OpenSUSE
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderate severityheap overflow

openSUSE Leap 15.0: 2019:1148-1 Moderate: gd Memory Issues

An update that fixes two vulnerabilities is now available.. openSUSE Security Update: Security update for gd ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1148-1 Rating: moderate References: #1123361 #1123522 Cross-References: CVE-2019-6977 CVE-2019-6978 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for gd fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function (bsc#1123361). - CVE-2019-6978: Fixed a double free in the gdImage*Ptr() functions (bsc#1123522). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1148=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): gd-2.2.5-lp150.8.1 gd-debuginfo-2.2.5-lp150.8.1 gd-debugsource-2.2.5-lp150.8.1 gd-devel-2.2.5-lp150.8.1 libgd3-2.2.5-lp150.8.1 libgd3-debuginfo-2.2.5-lp150.8.1 - openSUSE Leap 15.0 (x86_64): libgd3-32bit-2.2.5-lp150.8.1 libgd3-32bit-debuginfo-2.2.5-lp150.8.1 References: https://www.suse.com/security/cve/CVE-2019-6977.html https://www.suse.com/security/cve/CVE-2019-6978.html https://bugzilla.suse.com/1123361 https://bugzilla.suse.com/1123522 -- . The latest patch for gd tackles two significant vulnerabilities: a buffer overflow and a memory leak. Crucial for Fedora users.. openSUSE Security Update, gd vulnerabilities, openSUSE patch. . LinuxSecurity.com Team

Calendar 2 Apr 04, 2019 OpenSUSE
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo: GLSA-201903-18 Normal: GD Image Processing Multiple Exploits

Multiple vulnerabilities have been found in GD, the worst of which could result in the remote execution of arbitrary code.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201903-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: GD: Multiple vulnerabilities Date: March 28, 2019 Bugs: #664732, #679702 ID: 201903-18 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in GD, the worst of which could result in the remote execution of arbitrary code. Background ========= GD is a graphic library for fast image creation. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-libs/gd < 2.2.5-r2 > = 2.2.5-r2 Description ========== Multiple vulnerabilities have been discovered in GD. Please review the CVE identifiers referenced below for details. Impact ===== A remote attacker could entice a user to process a specially crafted image, possibly resulting in execution of arbitrary code or a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All GD users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =media-libs/gd-2.2.5-r2" References ========= [ 1 ] CVE-2018-1000222 https://nvd.nist.gov/vuln/detail/CVE-2018-1000222 [ 2 ] CVE-2018-5711 https://nvd.nist.gov/vuln/detail/CVE-2018-5711 [ 3 ] CVE-2019-6977 https://nvd.nist.gov/vuln/detail/CVE-2019-6977 [ 4 ] CVE-2019-6978 https://nvd.nist.gov/vuln/detail/CVE-2019-6978 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201903-18 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Several security issues in GD could allow for remote code execution; essential patch released for all users on Gentoo.. GD Library, Remote Code Execution, Gentoo Advisory, Image Processing. . LinuxSecurity.com Team

Calendar 2 Mar 27, 2019 Gentoo
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 25: 2017-a69b0bb52d Critical: gd Double-Free and Buffer Problems

**Version 2.2.5** - 2017-08-30 * **Security** - Double-free in gdImagePngPtr(). **CVE-2017-6362** - Buffer over-read into uninitialized memory. **CVE-2017-7890** * **Fixed** - Fix #109: XBM reading fails with printed error - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable - Fix #357: 2.2.4: Segfault in test suite - Fix #386:. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-a69b0bb52d 2017-09-06 13:04:00.527143 --------------------------------------------------------------------------------Name : gd Product : Fedora 25 Version : 2.2.5 Release : 1.fc25 URL : https://libgd.github.io/ Summary : A graphics library for quick creation of PNG or JPEG images Description : The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. --------------------------------------------------------------------------------Update Information: **Version 2.2.5** - 2017-08-30 * **Security** - Double-free in gdImagePngPtr(). **CVE-2017-6362** - Buffer over-read into uninitialized memory. **CVE-2017-7890** * **Fixed** - Fix #109: XBM reading fails with printed error - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable - Fix #357: 2.2.4: Segfault in test suite - Fix #386: gdImageGrayScale() may produce colors - Fix #406: webpng -i removes the transparent color - Fix Coverity #155475: Failure to restore alphaBlendingFlag - Fix Coverity #155476: potential resource leak - Fix several build issues and test failures - Fix and reenable optimized support for reading 1 bpsTIFFs --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Security notice for Fedora 25 enhancements targeting gd library concerns and remedies for various security flaws.. gd Library Security,Fedora 25 Patch,Double-Free Fix,Buffer Over-Read,Image Processing Vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 06, 2017 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraDoS

Fedora 24: 2017-2717b02630 Critical: gd Image Processing DoS Threats

## Version 2.2.4 - 2017-01-18 ### Security - gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) - double-free in gdImageWebPtr() (CVE-2016-6912) - potential unsigned underflow in gd_interpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx() ### Fixed - Fix #354: Signed Integer Overflow gd_io.c - Fix #340: System frozen -. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-2717b02630 2017-01-23 23:54:30.270365 -------------------------------------------------------------------------------- Name : gd Product : Fedora 24 Version : 2.2.4 Release : 1.fc24 URL : https://libgd.github.io/ Summary : A graphics library for quick creation of PNG or JPEG images Description : The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. -------------------------------------------------------------------------------- Update Information: ## Version 2.2.4 - 2017-01-18 ### Security - gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) - double-free in gdImageWebPtr() (CVE-2016-6912) - potential unsigned underflow in gd_interpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx() ### Fixed - Fix #354: Signed Integer Overflow gd_io.c - Fix #340: System frozen - Fix OOB reads of the TGA decompression buffer - Fix DOS vulnerability in gdImageCreateFromGd2Ctx() - Fix potential unsigned underflow - Fix double-free in gdImageWebPtr() - Fix invalid read in gdImageCreateFromTiffPtr() - Fix OOB reads of the TGA decompression buffer - Fix #68: gif: buffer underflow reported byAddressSanitizer - Avoid potentially dangerous signed to unsigned conversion - Fix #304: test suite failure in gif/bug00006 [2.2.3] - Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border - Fix #330: Integer overflow in gdImageScaleBilinearPalette() - Fix 321: Null pointer dereferences in gdImageRotateInterpolated - Fix whitespace and add missing comment block - Fix #319: gdImageRotateInterpolated can have wrong background color - Fix color quantization documentation - Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries - Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag - Fix #300: gdImageClone() assigns res_y = res_x - Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness() - Replace GNU old-style field designators with C89 compatible initializers - Fix #297: gdImageCrop() converts palette image to truecolor image - Fix #290: TGA RLE decoding is broken - Fix unnecessary non NULL checks - Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files - Fix #280: gdImageWebpEx() `quantization` parameter is a misnomer - Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx() - Fix issue #276: Sometimes pixels are missing when storing images as BMPs - Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts - Fix copy&paste error in gdImageScaleBicubicFixed() ### Added - More documentation - Documentation on GD and GD2 formats - More tests -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Essential revisions for the libpng package in Fedora 25 resolve security vulnerabilities and enhance image handling performance.. gd library,Fedora 24,DoS fixes,image processing,software security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 24, 2017 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 25: 2017-bab5698540 Critical: gd Library DoS Issues Resolved

## Version 2.2.4 - 2017-01-18 ### Security - gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) - double-free in gdImageWebPtr() (CVE-2016-6912) - potential unsigned underflow in gd_interpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx() ### Fixed - Fix #354: Signed Integer Overflow gd_io.c - Fix #340: System frozen -. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-bab5698540 2017-01-23 23:54:29.226277 -------------------------------------------------------------------------------- Name : gd Product : Fedora 25 Version : 2.2.4 Release : 1.fc25 URL : https://libgd.github.io/ Summary : A graphics library for quick creation of PNG or JPEG images Description : The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. -------------------------------------------------------------------------------- Update Information: ## Version 2.2.4 - 2017-01-18 ### Security - gdImageCreate() doesn't check for oversized images and as such is prone to DoS vulnerabilities. (CVE-2016-9317) - double-free in gdImageWebPtr() (CVE-2016-6912) - potential unsigned underflow in gd_interpolation.c - DOS vulnerability in gdImageCreateFromGd2Ctx() ### Fixed - Fix #354: Signed Integer Overflow gd_io.c - Fix #340: System frozen - Fix OOB reads of the TGA decompression buffer - Fix DOS vulnerability in gdImageCreateFromGd2Ctx() - Fix potential unsigned underflow - Fix double-free in gdImageWebPtr() - Fix invalid read in gdImageCreateFromTiffPtr() - Fix OOB reads of the TGA decompression buffer - Fix #68: gif: buffer underflow reported byAddressSanitizer - Avoid potentially dangerous signed to unsigned conversion - Fix #304: test suite failure in gif/bug00006 [2.2.3] - Fix #329: GD_BILINEAR_FIXED gdImageScale() can cause black border - Fix #330: Integer overflow in gdImageScaleBilinearPalette() - Fix 321: Null pointer dereferences in gdImageRotateInterpolated - Fix whitespace and add missing comment block - Fix #319: gdImageRotateInterpolated can have wrong background color - Fix color quantization documentation - Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries - Fix #307: GD_QUANT_NEUQUANT fails to unset trueColor flag - Fix #300: gdImageClone() assigns res_y = res_x - Fix #299: Regression regarding gdImageRectangle() with gdImageSetThickness() - Replace GNU old-style field designators with C89 compatible initializers - Fix #297: gdImageCrop() converts palette image to truecolor image - Fix #290: TGA RLE decoding is broken - Fix unnecessary non NULL checks - Fix #289: Passing unrecognized formats to gdImageGd2 results in corrupted files - Fix #280: gdImageWebpEx() `quantization` parameter is a misnomer - Publish all gdImageCreateFromWebp*() functions and gdImageWebpCtx() - Fix issue #276: Sometimes pixels are missing when storing images as BMPs - Fix issue #275: gdImageBmpCtx() may segfault for non-seekable contexts - Fix copy&paste error in gdImageScaleBicubicFixed() ### Added - More documentation - Documentation on GD and GD2 formats - More tests -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Essential security patches for Fedora 25 gd module encompass Denial-of-Service remedies and enhancements for graphical content manipulation.. Fedora 25 Security, gd Library Update, Image Processing Threats, System Vulnerabilities Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 24, 2017 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 24 GD Update: FEDORA-2016-e45a7e7b13 Critical Buffer Overflow

- Security fix for CVE-2016-8670 - Security fix for CVE-2016-6911 - Security fix for CVE-2016-7568 - For Fedora 26 disabled two tests - they are failing because of freetype 2.7 (https://github.com/libgd/libgd/issues/302, https://github.com/libgd/libgd/issues/217). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-e45a7e7b13 2016-12-16 17:01:08.503809 -------------------------------------------------------------------------------- Name : gd Product : Fedora 24 Version : 2.2.3 Release : 5.fc24 URL : https://libgd.github.io/ Summary : A graphics library for quick creation of PNG or JPEG images Description : The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the formats accepted for inline images by most browsers. Note that gd is not a paint program. -------------------------------------------------------------------------------- Update Information: - Security fix for CVE-2016-8670 - Security fix for CVE-2016-6911 - Security fix for CVE-2016-7568 - For Fedora 26 disabled two tests - they are failing because of freetype 2.7 (https://github.com/libgd/libgd/issues/302, https://github.com/libgd/libgd/issues/217) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380450 - CVE-2016-7568 gd, php: Integer overflow in gdImageWebpCtx https://bugzilla.redhat.com/show_bug.cgi?id=1380450 [ 2 ] Bug #1388787 - CVE-2016-6911 gd, php: Missing check for OOB read in dynamicGetbuf() https://bugzilla.redhat.com/show_bug.cgi?id=1388787 [ 3 ] Bug #1391068 - CVE-2016-8670 gd, php: Stack based buffer overflow in dynamicGetbuf https://bugzilla.redhat.com/show_bug.cgi?id=1391068 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade gd' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Acquire crucial updates for Fedora 24: gmp library resolving various high-severity vulnerabilities to maintain system reliability.. Fedora Update, gd Library Update, Critical Security Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 16, 2016 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here