Download
| Alert*
oval:org.secpod.oval:def:89003398
This update for gd fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function . - CVE-2019-6978: Fixed a double free in the gdImage*Ptr functions . oval:org.secpod.oval:def:89003051 This update for php53 fixes the following issues: Security issues fixed: - CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function . - CVE-2019-6978: Fixed a double free in the gdImage*Ptr functions . oval:org.secpod.oval:def:117275 The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ... oval:org.secpod.oval:def:117469 The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ... oval:org.secpod.oval:def:117269 The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the fo ... oval:org.secpod.oval:def:603627 Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed. oval:org.secpod.oval:def:704660 libgd2: GD Graphics Library Several security issues were fixed in GD. oval:org.secpod.oval:def:52967 libgd2: GD Graphics Library Several security issues were fixed in GD. oval:org.secpod.oval:def:76668 gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trig ... oval:org.secpod.oval:def:53508 Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed. oval:org.secpod.oval:def:67991 GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. Security Fix: * gd: Heap-based buffer overflow in gdImageColorMatch in gd_color_match.c * gd: NULL pointer dereference in gdImageClone * gd: D ... oval:org.secpod.oval:def:2500133 GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. oval:org.secpod.oval:def:1504306 * Fri Mar 27 2020 fjanus@redhat.com - 2.2.5-7 - Fix CVE-2018-14553 - Potential Null pointer dereference in gdImageClone Resolves: RHBZ#1811788 - Fixed heap based buffer overflow in gd_color_match.c:gdImageColorMatch in libgd as used in imagecolormatch Resolves: RHBZ#1678104 - Fixed potential double ... oval:org.secpod.oval:def:2105943 Oracle Solaris 11 - ( CVE-2019-6977 ) oval:org.secpod.oval:def:504705 GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats. Security Fix: * gd: Heap-based buffer overflow in gdImageColorMatch in gd_color_match.c * gd: NULL pointer dereference in gdImageClone * gd: D ... oval:org.secpod.oval:def:505023 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php71-php . Security Fix: * gd: Unsigned integer underflow _gdContributionsAlloc * php: Out of bounds access in php_pcre.c:php_pcre_replac ... oval:org.secpod.oval:def:2105112 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. oval:org.secpod.oval:def:504902 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php72-php . Security Fix: * php: underflow in env_path_info in fpm_main.c * gd: Unsigned integer underflow _gdContributionsAlloc * gd: He ... |