[SECURITY] [DLA 1248-1] libgd2 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1248-1] libgd2 security update
From: Chris Lamb <lamby@debian.org>
Date: Fri, 19 Jan 2018 10:28:18 +0530
Message-id: <[🔎] 1516337898.2638820.1240655720.27DB0C85@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libgd2
Version        : 2.0.36~rc1~dfsg-6.1+deb7u11
CVE ID         : CVE-2018-5711
Debian Bug     : #887485

It was discovered that there was a denial-of-service attack in the
libgd2 image library. A corrupt file could have exploited a signedness
confusion leading to an infinite loop.

For Debian 7 "Wheezy", this issue has been fixed in libgd2 version
2.0.36~rc1~dfsg-6.1+deb7u11.

We recommend that you upgrade your libgd2 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlphetUACgkQHpU+J9Qx
HliQqg//TeLcibcTYaUH1dUG529seIQ9ZiP8Cuer5ARzDomRBvVV2ptuDSTD4QVb
0vehZvyOJRv1JuhZv7XQ7zV8zesU2lkIHly0P1W029zJjZbIQGI+rc36u6zIgf7i
XLWWPXsbX9CaKOpeYAgAXPxD5k+mvVYCm2piAuEQc2vFHKbimyuv500S2aLeyfyZ
gxU79Fjm2HVm3i6RqkKoQ9pmVXAT6TrA0Q08nJ6OuI9tWvYQicQBUote4oJX3hWL
XPHiGysq4aM6eGLlV3mYS7qyWhKk779de+rd6OVuXDapT2Hm6F4riN4ePDhSHJJ+
Le3bUi4HyxNnTYAMimHYN1zJs/5B6Z9gNqVCPsl8QQb9tAPli4/+HyAJJq0DDej3
oz6KvQrNoI6VVyAYsctxnIvnyU/Jr//1hYaDdkbX+2GLWaMRZ1VsWqBdSLxiVG8S
4rALd6CSUNezSVykCUuoGw7zxO3t4IDEwsoM9QDUAA/Qe3iv2bjA5trbpmI9OZ/W
HZMUwLnSq4Cr6OHmL6n+2Sx7grsSHim817n5QvawuVwnDwUjVFKz48bu300P4t4b
OEOFZNegWLKZwievCBBkLfu2gcVp6U4eJW/MDVhq72EzqSTVjvZuOGqaGrAlpADy
dzblvDqU/xf1cGsAsSUJu6+Pb+b4iVMHz/g9vIwVXnj3gK5XwpU=
=OkED
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1247-1] rsync security update
Next by Date: [SECURITY] [DLA 1249-1] smarty3 security update
Previous by thread: [SECURITY] [DLA 1247-1] rsync security update
Next by thread: [SECURITY] [DLA 1249-1] smarty3 security update
Index(es):
- Date
- Thread