Bugtraq: [SECURITY] [DSA 3587-1] libgd2 security update

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512

- ------------------------------------------------------------------------

-

Debian Security Advisory DSA-3587-1 security (at) debian (dot) org [email concealed]

http://ift.tt/1kZ5swi Salvatore Bonaccorso

May 27, 2016 http://ift.tt/1S3Txy1

- ------------------------------------------------------------------------

-

Package : libgd2

CVE ID : CVE-2013-7456 CVE-2015-8874 CVE-2015-8877

Debian Bug : 824627

Several vulnerabilities were discovered in libgd2, a library for

programmatic graphics creation and manipulation. A remote attacker can

take advantage of these flaws to cause a denial-of-service against an

application using the libgd2 library.

For the stable distribution (jessie), these problems have been fixed in

version 2.1.0-5+deb8u3.

For the unstable distribution (sid), these problems have been fixed in

version 2.2.1-1 or earlier.

We recommend that you upgrade your libgd2 packages.

Further information about Debian Security Advisories, how to apply

these updates to your system and frequently asked questions can be

found at: http://ift.tt/1kZ5swi

Mailing list: debian-security-announce (at) lists.debian (dot) org [email concealed]

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

iQIcBAEBCgAGBQJXSF48AAoJEAVMuPMTQ89ElJIP/jlPZQMIVimV5FNAtvxm2Fm6

yqxSRiSsBL3Huh079QvWXvGGAaTNp3XVnwO89pQBF0Hekk7APltwITmR8W+dubsh

wWMiI28H2zUAvKCIuy2wYXdvweeWGrcNs5ZTVJ6mraCHGvvpYBw3nDiVhx4vFMbP

32luiUs2ddRowNdo2e11h3siclsYNWnPa2ICL0D7BWCPcZdj+S7eQzG8TwlkSJXH

9aTymdWN+xPuUa3EICUWt3MHi0GyLmESZovOtkjuOvCGU1fqN2XasyGH0jSjYXRa

UgdGNgrLxkGsqTKh1geseFS1vEf2CfRPTX7WMyVAGqsoq4Og17qpNdT0EUJynI8/

EN4F65IHyHHY7OfCEN5Tm1yKGd8Yx/aNN0139+UQ7k9SinJAfU3s0RVn+zIJ8IWc

NUQTE18NBvKVy/iwqH4U4RCKHTBu2Q+frtw+Yqir6G01d4h7dk5UIvOyk9vYhYRk

vSgM4o5eCN87X+w6UYjE3QaImLwVwthkCxzwmPWfBYQaqrNXE4eRO7DPgXlQwOvZ

GF8qZY6SOZx9VsvkFYCj/mUulcAWgw8M/J0U0jfuCCzNgNR2gU/UWWQ7zAuuE2WN

MCNMYLnWDoDTMLfrNQhdXxZRxU6+g3Yqicv2JCgDkWx53Fqts/ClRV4rgQlf292C

nlZYcxvgp7aUOcy1Npiw

=H9GB

-----END PGP SIGNATURE-----

[ reply ]


from SecurityFocus Vulnerabilities http://ift.tt/1NScE0r