Bug#709145: [CVE-2009-3546]: contains embedded (and outdated) copy of libgd2

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#709145: [CVE-2009-3546]: contains embedded (and outdated) copy of libgd2
From: Ondřej Surý <ondrej@debian.org>
Date: Tue, 21 May 2013 09:07:52 +0200
Message-id: <[🔎] 20130521070752.1491.13754.reportbug@localhost6.localdomain6>
Reply-to: Ondřej Surý <ondrej@debian.org>, 709145@bugs.debian.org

Package: texlive-bin
Version: 2013.20130521.30601-1
Severity: grave
Tags: security

The new upload of texlive-bin contains and uses an outdated embedded
copy of GD library and must not enter testing until texlive-bin is
using the system GD library again.

The embedded copy suffers from CVE-2009-3546 and maybe other issues
since 2.0.35 is really old copy of the library.

O.

-- System Information:
Debian Release: 7.0
  APT prefers stable
  APT policy: (500, 'stable'), (300, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to:

Follow-Ups:
- Bug#709145: marked as done ([CVE-2009-3546]: contains embedded (and outdated) copy of libgd2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#709145: marked as done ([CVE-2009-3546]: contains embedded (and outdated) copy of libgd2)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#709142: dpkg: error processing tex-common (--configure): updmap-sys failed
Next by Date: Bug#709146: several security issues due embedded t1lib
Previous by thread: Bug#709142: dpkg: error processing tex-common (--configure): updmap-sys failed
Next by thread: Bug#709145: marked as done ([CVE-2009-3546]: contains embedded (and outdated) copy of libgd2)
Index(es):
- Date
- Thread