drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in gd
Name: |
Denial of Service in gd |
|
ID: |
USN-3410-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 17.04 |
|
Datum: |
Mi, 6. September 2017, 07:59 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362 |
|
Applikationen: |
gd |
|
Originalnachricht |
--===============9221574941686954660== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-jzwn9EC5kAYcKpS57BVv"
--=-jzwn9EC5kAYcKpS57BVv Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-3410-1 September 05, 2017
libgd2 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
GD library could be made to crash if it opened a specially crafted file.
Software Description: - libgd2: GD Graphics Library
Details:
It was discovered a double-free vulnerability in GD library. A remote attacker could write arbitrary values in memory spaces or made programs to crash.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: libgd-tools 2.2.4-2ubuntu0.3 libgd3 2.2.4-2ubuntu0.3
Ubuntu 16.04 LTS: libgd-tools 2.1.1-4ubuntu0.16.04.8 libgd3 2.1.1-4ubuntu0.16.04.8
Ubuntu 14.04 LTS: libgd-tools 2.1.0-3ubuntu0.8 libgd3 2.1.0-3ubuntu0.8
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3410-1 CVE-2017-6362
Package Information: https://launchpad.net/ubuntu/+source/libgd2/2.2.4-2ubuntu0.3 https://launchpad.net/ubuntu/+source/libgd2/2.1.1-4ubuntu0.16.04.8 https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.8
|
|
|
|