[3.4] gd: signedness vulnerability causing heap overflow (CVE-2016-3074)
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or
libgd2) allows remote attackers to
cause a denial of service (crash) or potentially execute arbitrary code
via crafted compressed gd2 data,
which triggers a heap-based buffer overflow.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3074
http://seclists.org/fulldisclosure/2016/Apr/72
Patch:
https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19
(from redmine: issue id 5609, created on 2016-05-20, closed on 2016-06-23)
- Relations:
- parent #5608 (closed)
- Changesets:
- Revision f99b90d2 by Natanael Copa on 2016-05-23T13:13:29Z:
main/gd: security upgrade to 2.2.1 (CVE-2016-3074)
fixes #5609