You are here
Home > Preporuke > Sigurnosni nedostaci programske biblioteke libgd2

Sigurnosni nedostaci programske biblioteke libgd2

by - 0

==========================================================================
Ubuntu Security Notice USN-3900-1
February 28, 2019

libgd2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in GD.

Software Description:
– libgd2: GD Graphics Library

Details:

It was discovered that GD incorrectly handled memory when processing
certain images. A remote attacker could use this issue with a specially
crafted image file to cause GD to crash, resulting in a denial of service,
or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
libgd-tools 2.2.5-4ubuntu1.1
libgd3 2.2.5-4ubuntu1.1

Ubuntu 18.04 LTS:
libgd-tools 2.2.5-4ubuntu0.3
libgd3 2.2.5-4ubuntu0.3

Ubuntu 16.04 LTS:
libgd-tools 2.1.1-4ubuntu0.16.04.11
libgd3 2.1.1-4ubuntu0.16.04.11

Ubuntu 14.04 LTS:
libgd-tools 2.1.0-3ubuntu0.11
libgd3 2.1.0-3ubuntu0.11

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3900-1
CVE-2019-6977, CVE-2019-6978

Package Information:
https://launchpad.net/ubuntu/+source/libgd2/2.2.5-4ubuntu1.1
https://launchpad.net/ubuntu/+source/libgd2/2.2.5-4ubuntu0.3
https://launchpad.net/ubuntu/+source/libgd2/2.1.1-4ubuntu0.16.04.11
https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.11

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlx3868ACgkQZWnYVadE
vpM0eA//c92UZeucuWR+pgy+2zNq3uXK9XJ8+yh+8Lr6LZ9SWmNkrMJLcGrWqYJO
b3NibjCLLwW9spQzB/Ig9EWNGD377vsY7s+q/CV+oEUNZwxTXYZZxkJPRwnJ6k8N
DhdwuGmnInwIa4RUksv3oUYmajQihBSr7sKH8DJ2ZkB/tDFjJalUv/VfxHLzQcZX
znP0ca7/koTc9pzViLpsbWS0ZqyJVsIqRgWobMIH1DWA6NqUnCYBEhDFzKkiPsir
xrKXw9drZn8Hf2wzQ8P+jMXWMNFKBOnXxla+87BMAlx3a7ZegTLecqojgNY/vAD6
D3pR41rCIbMTfZIq6w194JSu3NPMK4UPiY1ayOIsKQy8Do1SGMO/yubR6KuYoGX+
AyJp7/g4BSY2zI7p1hfBmotq06CDmYQaUDRKPJ2Uoeeyfjn1pLEz3h0UMkyv8XW4
84mXzclK4PS9Fju0n1pHbjZKqoAGtcV3e5s14iYsp2ebSDFq0e1SGmzjhWvX+PSK
7CIwoZEZ2sONYFj3B1STJjMFtsUcjcutW657v8TExaBt4JoDr1MN5EajuegHq23K
mLuwmkX9h8uAx0ovvT/tFCvxbYsddyNrkdafXXSBD45KRAoyfAGaw1ONIsqO6WDi
6evlkQaA+Jzip8VroQFguaRRoKRIDAiOJ9caD00JrJl+6El+l5M=
=Znfu
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa java-11-openjdk

Otkriven je sigurnosni nedostatak u programskom paketu java-11-openjdk za operacijski sustav RedHat. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija....

Close