Explore top 10 tips to secure your open-source projects now. Read More
×
Vulnerabilities were found in libgd2, the GD Graphics Library, which could lead to Denial of Service via crafted input files. CVE-2021-38115 Maryam Ebrahimzadeh discovered an out-of-bounds read vulnerability in read_header_tga(), which may lead to Denial of Service via a. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4411-1
GD Graphics Library could be made to crash if it opened a specially crafted file.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ========================================================================== Ubuntu Security Notice USN-7112-1 November 15, 2024 libgd2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - - Ubuntu 22.04 LTS - - Ubuntu 20.04 LTS - - Ubuntu 18.04 LTS - - Ubuntu 16.04 LTS Summary: GD Graphics Library could be made to crash if it opened a specially crafted file. Software Description: - - libgd2: GD Graphics Library Details: It was discovered that the GD Graphics Library did not perform proper bounds checking while handling BMP and WebP files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service (application crash). Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS libgd-dev 2.3.0-2ubuntu2.3 libgd-tools 2.3.0-2ubuntu2.3 libgd3 2.3.0-2ubuntu2.3 Ubuntu 20.04 LTS libgd-dev 2.2.5-5.2ubuntu2.4 libgd-tools 2.2.5-5.2ubuntu2.4 libgd3 2.2.5-5.2ubuntu2.4 Ubuntu 18.04 LTS libgd-dev 2.2.5-4ubuntu0.5+esm3 Available with Ubuntu Pro libgd-tools 2.2.5-4ubuntu0.5+esm3 Available with Ubuntu Pro libgd3 2.2.5-4ubuntu0.5+esm3 Available with Ubuntu Pro Ubuntu 16.04 LTS libgd-dev 2.1.1-4ubuntu0.16.04.12+esm4 Available with Ubuntu Pro libgd-tools 2.1.1-4ubuntu0.16.04.12+esm4 Available with Ubuntu Pro libgd3 2.1.1-4ubuntu0.16.04.12+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7112-1 CVE-2021-40812 Package Information: https://launchpad.net/ubuntu/+source/libgd2/2.3.0-2ubuntu2.3 https://launchpad.net/ubuntu/+source/libgd2/2.2.5-5.2ubuntu2.4 -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEKl1CaPno2Qy4/AU8lFzKVeTWQe4FAmc2q8gACgkQlFzKVeTW Qe5TEw/8D7vt83fOu551WA61LxJDVejpdMvP84dKC5SbgngZ8C71FRjaiL2RNhXM z1r4kU3MYQ64WYcjioCInZVljdxLgwTyPbJ08qIhmupCsPXv/w6Bo1DW6oJn9Pgh 2XGA9wGqFpGnqpUYbJHViSMr9c09TgBpDxTmMUH+iJmxKfYyGC85wD+E9Gta7bT/ jHllFz4hnBCZNDHpDyEB5g9utSszlc2+IkrzOe6Ln1kZbsBYpMU0ww8aoFQZM/lM /hQn43EYxf19yJxgI1QF/eI7ZVcUDrbdTbuxQXe9z8q3qqaybEl3X64N5zknYAII +fE0DO3WBDhEu5jDFXh38jX3GIO6qBMQH6WqhTsJmgpAGD6lJSKT3RxoXF23eDpB CPXUqojiL8s2bEW5jnZ3iBw47gkWGKnS235XEvNMoSJV+s6ka3qYkbdjvL4AN8Hb 42SJM4O+UKMmSiA3ouR3TIrc9MyZ0t+hdzrb6PaDpnCvKcY+O8+sCK0ksmJqmYvp WqZ+HyzFZbbM8t8JT+U5M6LZRWvkv2jGsMg+MPL1ZFeil0m0b6sPhSQp0tbvtGFO YSxQ/sVKB8aVFjZ3MajxQOtIbTJ3TEgOfjAi8S1nvVQHKO1Me+26X5P7KYsJHJKi sUPLU8FqoSmlGK3m6pMM6Y3H9hSYpFoxKu/N8vZpksjXO1hYokc= =TfRa -----END PGP SIGNATURE----- . The GD Graphics Library has released a security advisory noting vulnerabilities that may cause crashes from crafted files. Users should update quickly for protection. libgd2, denial of service, Ubuntu graphics, crash issues. . LinuxSecurity.com Team
Several issues have been found in libgd2, a GD Graphics Library. They are related to out-of-bounds reads or NULL pointer derefence allowing denial of service attacks. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3781-1
Several security issues were fixed in GD library.. =========================================================================Ubuntu Security Notice USN-5068-1 September 08, 2021 libgd2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Several security issues were fixed in GD library. Software Description: - libgd2: GD Graphics Library Details: It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. (CVE-2017-6363) It was discovered that GD Graphics Library incorrectly handled certain TGA files. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2021-381) It was discovered that GD Graphics Library incorrectly handled certain files. An attacker could possibly use this issue to cause a crash. (CVE-2021-40145) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: libgd3 2.3.0-2ubuntu0.1 Ubuntu 20.04 LTS: libgd3 2.2.5-5.2ubuntu2.1 Ubuntu 18.04 LTS: libgd3 2.2.5-4ubuntu0.5 Ubuntu 16.04 ESM: libgd3 2.1.1-4ubuntu0.16.04.12+esm1 Ubuntu 14.04 ESM: libgd3 2.1.0-3ubuntu0.11+esm2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5068-1 CVE-2017-6363, CVE-2021-38115, CVE-2021-40145 Package Information: https://launchpad.net/ubuntu/+source/libgd2/2.3.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/libgd2/2.2.5-5.2ubuntu2.1 https://launchpad.net/ubuntu/+source/libgd2/2.2.5-4ubuntu0.5 . Solutions for various GD library problems on Ubuntu 20.04 LTS impacting performance and safety protocols. Discover more!. GD Library, Ubuntu Update, Security Issues, Denial Of Service, Information Exposure. . Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in GD Graphics Library.. =========================================================================Ubuntu Security Notice USN-4316-2 April 02, 2020 libgd2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM Summary: Several security issues were fixed in GD Graphics Library. Software Description: - libgd2: Open source code library for the dynamic creation of images Details: USN-4316-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. (CVE-2018-14553) It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. (CVE-2019-11038) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: libgd-tools 2.1.0-3ubuntu0.11+esm1 libgd3 2.1.0-3ubuntu0.11+esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4316-2 https://ubuntu.com/security/notices/USN-4316-1 CVE-2018-14553, CVE-2019-11038 . This notice outlines various vulnerabilities addressed in the GD Graphics Library for Ubuntu 14.04 ESM.. GD Graphics Library, Ubuntu Security Notice, Denial of Service. . Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in GD Graphics Library.. =========================================================================Ubuntu Security Notice USN-4316-1 April 02, 2020 libgd2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in GD Graphics Library. Software Description: - libgd2: Open source code library for the dynamic creation of images Details: It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. (CVE-2018-14553) It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service, or to disclose contents of the stack that has been left there by previous code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-11038) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: libgd-tools 2.2.5-5.2ubuntu0.19.10.1 libgd3 2.2.5-5.2ubuntu0.19.10.1 Ubuntu 18.04 LTS: libgd-tools 2.2.5-4ubuntu0.4 libgd3 2.2.5-4ubuntu0.4 Ubuntu 16.04 LTS: libgd-tools 2.1.1-4ubuntu0.16.04.12 libgd3 2.1.1-4ubuntu0.16.04.12 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4316-1 CVE-2018-14553, CVE-2019-11038 PackageInformation: https://launchpad.net/ubuntu/+source/libgd2/2.2.5-5.2ubuntu0.19.10.1 https://launchpad.net/ubuntu/+source/libgd2/2.2.5-4ubuntu0.4 https://launchpad.net/ubuntu/+source/libgd2/2.1.1-4ubuntu0.16.04.12 . Security patches for GD Graphics Library released in Ubuntu. Upgrade to prevent potential denial of service attacks. Discover the details today!. Ubuntu Security, GD Graphics Library, Denial of Service, Software Update, Vulnerability Fix. . Severity: Critical. LinuxSecurity.com Team
A vulnerability was discovered in libgd2, the GD graphics library, whereby an attacker can employ a specific function call sequence to trigger a NULL pointer dereference, subsequently crash the application . Package : libgd2 Version : 2.1.0-5+deb8u14 CVE ID : CVE-2018-14553 Debian Bug : 951287 A vulnerability was discovered in libgd2, the GD graphics library, whereby an attacker can employ a specific function call sequence to trigger a NULL pointer dereference, subsequently crash the application using libgd2, and create a denial of service. For Debian 8 "Jessie", this problem has been fixed in version 2.1.0-5+deb8u14. We recommend that you upgrade your libgd2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Essential patch released for libgd2 tackles a service disruption vulnerability. Ensure you update to the most current version for enhanced security.. libgd2, Debian LTS, security update, denial of service attack, software upgrade. . Severity: Critical. LinuxSecurity.com Team
An unitialized read was discovered in the XBM support of libgd2, a library for programmatic graphics creation and manipulation. The unitialized read might lead to information disclosure. . Package : libgd2 Version : 2.1.0-5+deb8u13 CVE ID : CVE-2019-11038 Debian Bug : 929821 An unitialized read was discovered in the XBM support of libgd2, a library for programmatic graphics creation and manipulation. The unitialized read might lead to information disclosure. For Debian 8 "Jessie", this problem has been fixed in version 2.1.0-5+deb8u13. We recommend that you upgrade your libgd2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -- Jonas Meurer . Package: libxrender Version: 0.9.10-1+deb9u8 CVE ID: CVE-2020-12345 Debian Bug: 937645 An unhandled exception vulnerability. libgd2 Security Update, Debian LTS Advisory, Information Disclosure, Graphics Library Issue. . Severity: Critical. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.