Synopsis: Moderate: gd security update Issue date: 2008-02-28 CVE Names: CVE-2006-4484 CVE-2007-0455 CVE-2007-2756 CVE-2007-3472 CVE-2007-3473 CVE-2007-3475 CVE-2007-3476 Multiple issues were discovered in the gd GIF image-handling code. A carefully-crafted GIF file could cause a crash or possibly execute code with the privileges of the application using the gd library. (CVE-2006-4484, CVE-2007-3475, CVE-2007-3476) An integer overflow was discovered in the gdImageCreateTrueColor() function, leading to incorrect memory allocations. A carefully crafted image could cause a crash or possibly execute code with the privileges of the application using the gd library. (CVE-2007-3472) A buffer over-read flaw was discovered. This could cause a crash in an application using the gd library to render certain strings using a JIS-encoded font. (CVE-2007-0455) A flaw was discovered in the gd PNG image handling code. A truncated PNG image could cause an infinite loop in an application using the gd library. (CVE-2007-2756) A flaw was discovered in the gd X BitMap (XBM) image-handling code. A malformed or truncated XBM image could cause a crash in an application using the gd library. (CVE-2007-3473) SL 4.x SRPMS: gd-2.0.28-5.4E.el4_6.1.src.rpm i386: gd-2.0.28-5.4E.el4_6.1.i386.rpm gd-devel-2.0.28-5.4E.el4_6.1.i386.rpm gd-progs-2.0.28-5.4E.el4_6.1.i386.rpm x86_64: gd-2.0.28-5.4E.el4_6.1.i386.rpm gd-2.0.28-5.4E.el4_6.1.x86_64.rpm gd-devel-2.0.28-5.4E.el4_6.1.x86_64.rpm gd-progs-2.0.28-5.4E.el4_6.1.x86_64.rpm SL 5.x SRPMS: gd-2.0.33-9.4.el5_1.1.src.rpm i386: gd-2.0.33-9.4.el5_1.1.i386.rpm gd-devel-2.0.33-9.4.el5_1.1.i386.rpm gd-progs-2.0.33-9.4.el5_1.1.i386.rpm x86_64: gd-2.0.33-9.4.el5_1.1.i386.rpm gd-2.0.33-9.4.el5_1.1.x86_64.rpm gd-devel-2.0.33-9.4.el5_1.1.i386.rpm gd-devel-2.0.33-9.4.el5_1.1.x86_64.rpm gd-progs-2.0.33-9.4.el5_1.1.x86_64.rpm -Connie Sieh -Troy Dawson