[Frugalware-darcs] homepage-ng: FSA213-gd

voroskoi voroskoi at frugalware.org
Sun Jul 1 10:59:00 CEST 2007

Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070701085803-dd049-d2f7467f5ce3a135f19d9a0b7f1a3cb97cfa7c86.gz;

voroskoi <voroskoi at frugalware.org>**20070701085803] {
hunk ./frugalware/xml/security.xml 29
+	<fsa>
+		<id>213</id>
+		<date>2007-07-01</date>
+		<author>voroskoi</author>
+		<package>gd</package>
+		<vulnerable>2.0.34-2terminus1</vulnerable>
+		<unaffected>2.0.34-2terminus2</unaffected>
+		<bts>http://bugs.frugalware.org/task/2219</bts>
+		<cve>No CVE for this issue, see: http://www.libgd.org/ReleaseNote020035</cve>
+		<desc>Some vulnerabilities have been reported in the GD Graphics Library, where some have unknown impact and others can potentially be exploited to cause a DoS.
+			1) An integer overflow exists in the "gdImageCreateTrueColor()" function.
+			2) An error in the "gdImageCreateXbm()" function can potentially be exploited to cause a crash.</desc>
+	</fsa>

More information about the Frugalware-darcs mailing list