Univention Bugzilla – Bug 57216
libgd2: Multiple issues (5.0)
Last modified: 2024-04-11 14:16:09 CEST
New Debian libgd2 2.2.5-5.2+deb10u1 fixes:
This update addresses the following issues:

2.2.5-5.2+deb10u1 (Thu, 28 Mar 2024 19:03:02 +0100)
* Non-maintainer upload by the LTS Team.
* CVE-2021-40812 fix for an out-of-bounds read due to lack of return value checks.
* CVE-2021-38115 fix for remote attackers to cause a denial of service because of out-of-bounds read via a crafted TGA file
* CVE-2018-14553 fix for a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence
--- mirror/ftp/pool/main/libg/libgd2/libgd2_2.2.5-5.2.dsc +++ apt/ucs_5.0-0-errata5.0-7/source/libgd2_2.2.5-5.2+deb10u1.dsc @@ -1,3 +1,15 @@ +2.2.5-5.2+deb10u1 [Thu, 28 Mar 2024 19:03:02 +0100] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2021-40812 + fix for an out-of-bounds read due to lack of return value checks. + * CVE-2021-38115 + fix for remote attackers to cause a denial of service because of + out-of-bounds read via a crafted TGA file + * CVE-2018-14553 + fix for a NULL pointer dereference allowing attackers to crash an + application via a specific function call sequence + 2.2.5-5.2 [Tue, 11 Jun 2019 16:21:57 +0200] Jonas Meurer <jonas@freesources.org>: * Non-maintainer upload. <http://piuparts.knut.univention.de/5.0-7/#1035516105617164948>
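Review bot: In the added 2.2.5-5.2+deb10u1 entry, the CVE-2021-38115 and CVE-2018-14553 items ("fix for remote attackers to cause a denial of service ...", "fix for a NULL pointer dereference allowing attackers to crash ...") describe the vulnerability rather than the change, and none of the three CVE items names the patch or upstream commit that carries the fix. Suggest wording each item as what was corrected (for example "fix out-of-bounds read via a crafted TGA file") and adding the patch or commit reference per CVE, so that whoever signs off the erratum can match each identifier to a concrete change in the source package.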
OK: bug
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[5.0-7] d4bf5efa9e fixup! Bug #57216: libgd2 2.2.5-5.2+deb10u1
 doc/errata/staging/libgd2.yaml | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

[5.0-7] 8e7d812c0c Bug #57216: libgd2 2.2.5-5.2+deb10u1
 doc/errata/staging/libgd2.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x1020>