Ubuntu Security Notice 3410-1 - It was discovered a double-free vulnerability in GD library. A remote attacker could write arbitrary values in memory spaces or made programs to crash.
14fc988aa2ac0d1a59fd89c749d2eaa1e34b6ce8dd8d2d767dc92aca1ca4390f==========================================================================
Ubuntu Security Notice USN-3410-1
September 05, 2017
libgd2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
GD library could be made to crash if it opened a specially crafted
file.
Software Description:
- libgd2: GD Graphics Library
Details:
It was discovered a double-free vulnerability in GD library.
A remote attacker could write arbitrary values in memory
spaces or made programs to crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
A libgd-toolsA A A A A A A A A A A A A A A A A A A A A 2.2.4-2ubuntu0.3
A libgd3A A A A A A A A A A A A A A A A A A A A A A A A A A 2.2.4-2ubuntu0.3
Ubuntu 16.04 LTS:
A libgd-toolsA A A A A A A A A A A A A A A A A A A A A 2.1.1-4ubuntu0.16.04.8
A libgd3A A A A A A A A A A A A A A A A A A A A A A A A A A 2.1.1-4ubuntu0.16.04.8
Ubuntu 14.04 LTS:
A libgd-toolsA A A A A A A A A A A A A A A A A A A A A 2.1.0-3ubuntu0.8
A libgd3A A A A A A A A A A A A A A A A A A A A A A A A A A 2.1.0-3ubuntu0.8
In general, a standard system update will make all the necessary
changes.
References:
A https://www.ubuntu.com/usn/usn-3410-1
A CVE-2017-6362
Package Information:
A https://launchpad.net/ubuntu/+source/libgd2/2.2.4-2ubuntu0.3
A https://launchpad.net/ubuntu/+source/libgd2/2.1.1-4ubuntu0.16.04.8
A https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed