Package "libgd2"
| Name: |
libgd2
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- GD Graphics Library (development version)
- GD Graphics Library
|
| Latest version: |
2.2.5-5.2ubuntu2.1 |
| Release: |
focal (20.04) |
| Level: |
security |
| Repository: |
main |
Links
Other versions of "libgd2" in Focal
Packages in group
Deleted packages are displayed in grey.
Changelog
|
libgd2 (2.2.5-5.2ubuntu2.1) focal-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer over-read
- debian/patches/CVE-2017-6363-*.patch: make sure transparent
palette index is within bounds in src/gd_gd.c and add tests in
tests/gd/bug00383.c, tests/gd/CMakeLists.txt, tests/gd/Makemodule.am,
tests/gd2/bug00383.c, tests/gd2/CMakeLists.txt, test/gd2/Makemodule.am.
- CVE-2017-6363
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2021-38115.patch: fix a read out-of-bounds in
reading tga header file in src/gd_tga.c.
- CVE-2021-38115
* SECURITY UPDATE: Double free
- debian/patches/CVE-2021-40145.patch: fix a memory leak in
src/gd_gd2.c.
- CVE-2021-40145
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 30 Aug 2021 15:10:22 -0300
|
| CVE-2017-6363 |
** DISPUTED ** In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the ven |
| CVE-2021-38115 |
read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds |
| CVE-2021-40145 |
** DISPUTED ** gdImageGd2Ptr in gd_gd2.c in the GD Graphics Library (aka LibGD) through 2.3.2 has a double free. NOTE: the vendor's position is "The |
|
About
-
Send Feedback to @ubuntu_updates
