Package "libgd2"
Name: |
libgd2
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- GD command line tools and example code
|
Latest version: |
2.0.36~rc1~dfsg-6ubuntu2.6 |
Release: |
precise (12.04) |
Level: |
security |
Repository: |
universe |
Links
Other versions of "libgd2" in Precise
Packages in group
Deleted packages are displayed in grey.
Changelog
libgd2 (2.0.36~rc1~dfsg-6ubuntu2.6) precise-security; urgency=medium
* SECURITY UPDATE: Double-free memory
- debian/patches/CVE-2017-6362.patch: introduces a static
helper to check failure or success in gd_png.c.
- CVE-2017-6362
-- <email address hidden> (Leonidas S. Barbosa) Tue, 05 Sep 2017 09:24:22 -0300
|
Source diff to previous version |
CVE-2017-6362 |
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors relat |
|
libgd2 (2.0.36~rc1~dfsg-6ubuntu2.4) precise-security; urgency=medium
* SECURITY UPDATE: DoS vulnerability in gdImageCreateFromGd2Ctx()
- debian/patches/CVE-2016-10167.patch: properly fail in gd_gd2.c.
- CVE-2016-10167
* SECURITY UPDATE: signed integer overflow in gd_io.c
- debian/patches/CVE-2016-10168.patch: check counts in gd_gd2.c.
- CVE-2016-10168
* SECURITY UPDATE: DoS via oversized image
- debian/patches/CVE-2016-9317.patch: check for oversized images in
gd.c.
- CVE-2016-9317
* SECURITY UPDATE: DoS via stack consumption
- debian/patches/CVE-2016-9933.patch: check for invalid colors in gd.c.
- CVE-2016-9933
-- Marc Deslauriers <email address hidden> Tue, 28 Feb 2017 11:05:46 -0500
|
Source diff to previous version |
CVE-2016-1016 |
Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 o |
CVE-2016-9317 |
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via |
CVE-2016-9933 |
Stack consumption vulnerability in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP befor |
|
libgd2 (2.0.36~rc1~dfsg-6ubuntu2.3) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via invalid read in
gdImageCreateFromTiffPtr()
- debian/patches/CVE-2016-6911.patch: check out of bounds reads in
gd_io_dp.c.
- CVE-2016-6911
* SECURITY UPDATE: stack buffer overflow in dynamicGetbuf
- debian/patches/CVE-2016-8670.patch: avoid potentially dangerous
signed to unsigned conversion in gd_io_dp.c.
- CVE-2016-8670
-- Marc Deslauriers <email address hidden> Tue, 18 Oct 2016 14:24:19 +0200
|
Source diff to previous version |
|
libgd2 (2.0.36~rc1~dfsg-6ubuntu2.2) precise-security; urgency=medium
* SECURITY UPDATE: integer overflow in _gd2GetHeader()
- debian/patches/CVE-2016-5766.patch: check for overflow in gd_gd2.c.
- CVE-2016-5766
* SECURITY UPDATE: out of bounds read of masks array
- debian/patches/CVE-2016-6161.patch: properly handle EOF marker in
gd_gif_out.c.
- CVE-2016-6161
-- Marc Deslauriers <email address hidden> Fri, 08 Jul 2016 14:52:13 -0400
|
Source diff to previous version |
CVE-2016-5766 |
Integer Overflow in _gd2GetHeader() resulting in heap overflow |
|
libgd2 (2.0.36~rc1~dfsg-6ubuntu2.1) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted color table in XPM file
- debian/patches/CVE-2014-2497.patch: avoid null-pointer dereference in
gdxpm.c.
- CVE-2014-2497
* SECURITY UPDATE: denial of service via crafted GIF image
- debian/patches/CVE-2014-9709-1.patch: fix buffer read overflow in
gd_gif_in.c.
- debian/patches/CVE-2014-9709-2.patch: move overflow test outside the
loop in gd_gif_in.c.
- CVE-2014-9709
* SECURITY UPDATE: denial of service via crafted imagefilltoborder call
- debian/patches/CVE-2015-8874.patch: add limits to gd.c.
- CVE-2015-8874
* SECURITY UPDATE: denial of service and possible code execution via
crafted compressed gd2 data
- debian/patches/CVE-2016-3074.patch: perform range checking in
gd_gd2.c.
- CVE-2016-3074
-- Marc Deslauriers <email address hidden> Thu, 26 May 2016 10:01:57 -0400
|
CVE-2014-2497 |
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL |
CVE-2014-9709 |
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a |
CVE-2015-8874 |
Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call. |
CVE-2016-3074 |
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potential |
|
About
-
Send Feedback to @ubuntu_updates