Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3938-1:A45FF
HistoryAug 12, 2017 - 12:37 p.m.

[SECURITY] [DSA 3938-1] libgd2 security update

2017-08-1212:37:19
lists.debian.org
10

0.298 Low

EPSS

Percentile

97.0%

JSON

Debian Security Advisory DSA-3938-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
August 12, 2017 https://www.debian.org/security/faq

Package : libgd2
CVE ID : CVE-2017-7890
Debian Bug : 869263

Matviy Kotoniy reported that the gdImageCreateFromGifCtx() function used
to load images from GIF format files in libgd2, a library for
programmatic graphics creation and manipulation, does not zero stack
allocated color map buffers before their use, which may result in
information disclosure if a specially crafted file is processed.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.1.0-5+deb8u10.

For the stable distribution (stretch), this problem has been fixed in
version 2.2.4-2+deb9u1.

We recommend that you upgrade your libgd2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8arm64libgd-dbg< 2.1.0-5+deb8u10libgd-dbg_2.1.0-5+deb8u10_arm64.deb
Debian9mipslibgd-tools-dbgsym< 2.2.4-2+deb9u1libgd-tools-dbgsym_2.2.4-2+deb9u1_mips.deb
Debian7amd64libgd2-noxpm-dev< 2.0.36~rc1~dfsg-6.1+deb7u9libgd2-noxpm-dev_2.0.36~rc1~dfsg-6.1+deb7u9_amd64.deb
Debian9arm64libgd3-dbgsym< 2.2.4-2+deb9u1libgd3-dbgsym_2.2.4-2+deb9u1_arm64.deb
Debian9armhflibgd3< 2.2.4-2+deb9u1libgd3_2.2.4-2+deb9u1_armhf.deb
Debian8s390xlibgd-dbg< 2.1.0-5+deb8u10libgd-dbg_2.1.0-5+deb8u10_s390x.deb
Debian8mipsellibgd3< 2.1.0-5+deb8u10libgd3_2.1.0-5+deb8u10_mipsel.deb
Debian7amd64libgd2-xpm-dev< 2.0.36~rc1~dfsg-6.1+deb7u9libgd2-xpm-dev_2.0.36~rc1~dfsg-6.1+deb7u9_amd64.deb
Debian9i386libgd3-dbgsym< 2.2.4-2+deb9u1libgd3-dbgsym_2.2.4-2+deb9u1_i386.deb
Debian9armellibgd-tools-dbgsym< 2.2.4-2+deb9u1libgd-tools-dbgsym_2.2.4-2+deb9u1_armel.deb
Rows per page:
1-10 of 1451

Related

centos 1
openvas 20
ubuntu 2
nessus 36
ubuntucve 1
checkpoint_advisories 1
debiancve 1
ibm 1
redhat 2
debian 2
redhatcve 1
prion 1
veracode 2
alpinelinux 1
osv 3
freebsd 1
cve 1
nvd 1
cvelist 1
oraclelinux 1
slackware 1
f5 2
fedora 3
mageia 1
amazon 1
suse 2
cloudlinux 1
rosalinux 1
centos
centos
php security update
2018-03-10 01:07:54
openvas
openvas
Ubuntu: Security Advisory (USN-3389-2)
2022-08-26 00:00:00
CentOS Update for php CESA-2018:0406 centos7
2018-03-14 00:00:00
Ubuntu: Security Advisory (USN-3389-1)
2018-10-26 00:00:00
ubuntu
ubuntu
GD vulnerability
2017-08-14 00:00:00
GD vulnerability
2017-08-14 00:00:00
nessus
nessus
EulerOS Virtualization 2.5.0 : php (EulerOS-SA-2018-1249)
2018-09-18 00:00:00
RHEL 7 : php (RHSA-2018:0406)
2018-03-07 00:00:00
Oracle Linux 7 : php (ELSA-2018-0406)
2018-03-08 00:00:00
ubuntucve
ubuntucve
CVE-2017-7890
2017-08-02 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890)
2017-08-10 00:00:00
debiancve
debiancve
CVE-2017-7890
2017-08-02 19:29:00
ibm
ibm
Security Bulletin: A vulnerability in PHP affects PowerKVM
2018-06-18 01:42:20
redhat
redhat
(RHSA-2018:0406) Moderate: php security update
2018-03-06 18:36:35
(RHSA-2018:1296) Moderate: rh-php70-php security, bug fix, and enhancement update
2018-05-03 03:21:11
debian
debian
[SECURITY] [DLA 1055-1] libgd2 security update
2017-08-12 21:36:16
[SECURITY] [DSA 3938-1] libgd2 security update
2017-08-12 12:37:19
redhatcve
redhatcve
CVE-2017-7890
2017-07-21 19:18:29
prion
prion
Information disclosure
2017-08-02 19:29:00
veracode
veracode
Information Disclosure
2019-05-16 02:59:59
Use After Free
2019-05-16 02:59:58
alpinelinux
alpinelinux
CVE-2017-7890
2017-08-02 19:29:00
osv
osv
libgd2 - security update
2017-08-12 00:00:00
libgd2 - security update
2017-08-12 00:00:00
CVE-2017-7890
2017-08-02 19:29:00
freebsd
freebsd
php-gd and gd -- Buffer over-read into uninitialized memory
2017-08-02 00:00:00
cve
cve
CVE-2017-7890
2017-08-02 19:29:00
nvd
nvd
CVE-2017-7890
2017-08-02 19:29:00
cvelist
cvelist
CVE-2017-7890
2017-08-02 19:00:00
oraclelinux
oraclelinux
php security update
2018-03-07 00:00:00
slackware
slackware
[slackware-security] gd
2018-04-19 01:44:39
f5
f5
PHP vulnerabilities CVE-2017-9226 and CVE-2017-7890
2017-08-08 00:03:00
K01709026 : PHP vulnerabilities CVE-2017-7890 and CVE-2017-9226
2017-08-07 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: gd-2.2.5-1.fc26
2017-09-02 22:27:10
[SECURITY] Fedora 27 Update: gd-2.2.5-1.fc27
2017-09-30 07:21:04
[SECURITY] Fedora 25 Update: gd-2.2.5-1.fc25
2017-09-06 20:52:42
mageia
mageia
Updated php and libgd packages fix security vulnerabilities
2017-08-08 01:16:24
amazon
amazon
Medium: php70
2017-08-03 20:38:00
suse
suse
Security update for php7 (important)
2017-09-04 12:07:53
Security update for php7 (important)
2017-08-30 19:30:52
cloudlinux
cloudlinux
Fix of 227 CVE
2020-10-15 12:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

0.298 Low

EPSS

Percentile

97.0%

JSON
Related for DEBIAN:DSA-3938-1:A45FF
centos1openvas20ubuntu2nessus36ubuntucve1checkpoint_advisories1debiancve1ibm1redhat2debian2redhatcve1prion1veracode2alpinelinux1osv3freebsd1cve1nvd1cvelist1oraclelinux1slackware1f52fedora3mageia1amazon1suse2cloudlinux1rosalinux1