FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gd -- multiple vulnerabilities

Affected packages
		gd	<	2.2.3,1

Details

VuXML ID	556d2286-5a51-11e6-a6c3-14dae9d210b8
Discovery	2016-07-21
Entry	2016-08-04

Pierre Joye reports:

fix php bug 72339, Integer Overflow in _gd2GetHeader (CVE-2016-5766)

gd: Buffer over-read issue when parsing crafted TGA file (CVE-2016-6132)

Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207)

fix php bug 72494, invalid color index not handled, can lead to crash ( CVE-2016-6128)

[source]

References

CVE Name	CVE-2016-5766
CVE Name	CVE-2016-6128
CVE Name	CVE-2016-6132
CVE Name	CVE-2016-6207
URL	https://github.com/libgd/libgd/releases/tag/gd-2.2.3