gd-2.2.5-7.el8
Errata ID: AXSA:2020-1002:01
Release date:
2020/12/20 Sunday - 02:16
Title:
gd-2.2.5-7.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- gdImageClone in gd.c in libgd has a NULL pointer dereference
that allows an attacker to crash the application.
(CVE-2018-14553)
- gdImageColorMatch in gd_color_match.c in libgd has a heap-based
buffer overflow that an attacker can exploit when imagecolormatch
is called with crafted image data. (CVE-2019-6977)
- The gdImage*Ptr() functions used in gd_gif_out.c, gd_jpeg.c, and
gd_wbmp.c in libgd have a double-free vulnerability. (CVE-2019-6978)
Solution:
Update the packages.
CVE:
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
CVE-2019-6978
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
Additional information:
N/A
Download:
SRPMS
- gd-2.2.5-7.el8.src.rpm
MD5: db5f54584d31c95656c9ceb9efe294a3
SHA-256: 56da5747052cb5edaf795628ee274b327cc3b3a217d339bb1034543b513e051e
Size: 2.50 MB
Asianux Server 8 for x86_64
- gd-2.2.5-7.el8.x86_64.rpm
MD5: e1ca98c4f154dac025a9336eaa1c9e2c
SHA-256: fe0c1ef961f2bfde47e62f5e0e200b3375e57b5c3b9bd391279692bd14f5ea1b
Size: 142.75 kB
- gd-devel-2.2.5-7.el8.x86_64.rpm
MD5: f177418c2931e88a9609f008390ecfca
SHA-256: 3efb98a0bfe3b4ae1c41baeb9baaddc17ff424f326d98ffb1b70c5668286ead8
Size: 49.39 kB
- gd-2.2.5-7.el8.i686.rpm
MD5: 7c6590e5811742b171e80e138f574aa9
SHA-256: c4371dd6ac9ab0c325afbfd1f9388c9e7655124b2110bd2eb2930ca1e2babf39
Size: 150.75 kB
- gd-devel-2.2.5-7.el8.i686.rpm
MD5: 8f6aa9e19872b64056374addfee85a92
SHA-256: 61ace11c5470d01d221d8ee78c8ecc4ceeae524087923349ca4a46f528352e30
Size: 49.41 kB