|
Mandriva- Advisories MDVSA-2008:038: Updated gd packages fix buffer overflow vulnerability
Advisories MDVSA-2008:038: Updated gd packages fix buffer overflow vulnerability
Buffer overflow in the LWZReadByte() function in gd_gif_in.c in GD
prior to 2.0.34 allows remote attackers to have an unknown impact
via a GIF file with input_code_size greater than MAX_LWZ_BITS, which
triggers an overflow when initializing the table array.
This was originally fixed in PHP's embedded GD with MDKSA-2006:162;
patches had not been applied to the system libgd at that time.
The updated packages have been patched to correct this issue.
http://mandrivausers.org/index.php?showtopic=48974
http://mandrivausers.org/index.php?showtopic=48974
Fri, 08 Feb 2008 03:50:11 +0000
|
02-07-2008, 11:04 PM
Posted
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
