[3.2] gd: signedness vulnerability causing heap overflow (CVE-2016-3074)
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or
libgd2) allows remote attackers to
cause a denial of service (crash) or potentially execute arbitrary code
via crafted compressed gd2 data,
which triggers a heap-based buffer overflow.
References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3074
http://seclists.org/fulldisclosure/2016/Apr/72
Patch:
https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19
(from redmine: issue id 5611, created on 2016-05-20, closed on 2016-06-23)
- Relations:
- parent #5608 (closed)
- Changesets:
- Revision d15b57bb on 2016-06-21T09:56:45Z:
main/gd: security fix (CVE-2016-3074). Fixes #5611
(cherry picked from commit 03a7b7c153735bbd740e554845de18f3f5e7f4f5)