Описание
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| php7.1 | fixed | 7.1.1-1 | package | |
| php7.0 | fixed | 7.0.15-1 | package | |
| php5 | removed | package | ||
| php5 | fixed | 5.6.30+dfsg-0+deb8u1 | jessie | package |
| libgd2 | fixed | 2.2.4-1 | package |
Примечания
PHP Bug: https://bugs.php.net/bug.php?id=73869
Fixed in PHP 7.1.1, 7.0.15, 5.6.30
https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6
https://www.openwall.com/lists/oss-security/2017/01/26/1
Связанные уязвимости
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Уязвимость графической библиотеки GD Graphics Library, позволяющая нарушителю оказать неопределенное воздействие