1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • GD Graphics Library vulnerabilities

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, April 02, 2020 20:10:05
    libgd2 vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM

    Summary

    Several security issues were fixed in GD Graphics Library.

    Software Description

    * libgd2 - Open source code library for the dynamic creation of
    images

    Details

    USN-4316-1 fixed a vulnerability in GD Graphics Library. This
    update provides the corresponding update for Ubuntu 14.04 ESM.

    Original advisory details:

    It was discovered that GD Graphics Library incorrectly handled
    cloning an image. An attacker could possibly use this issue to
    cause GD Graphics Library to crash, resulting in a denial of
    service. (CVE-2018-14553)

    It was discovered that GD Graphics Library incorrectly handled
    loading images from X bitmap format files. An attacker could
    possibly use this issue to cause GD Graphics Library to crash,
    resulting in a denial of service, or to disclose contents of the
    stack that has been left there by previous code. (CVE-2019-11038)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    libgd-tools - 2.1.0-3ubuntu0.11+esm1
    libgd3 - 2.1.0-3ubuntu0.11+esm1

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * USN-4316-1
    * CVE-2018-14553
    * CVE-2019-11038

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Thursday, April 02, 2020 20:10:05
    libgd2 vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Several security issues were fixed in GD Graphics Library.

    Software Description

    * libgd2 - Open source code library for the dynamic creation of
    images

    Details

    It was discovered that GD Graphics Library incorrectly handled
    cloning an image. An attacker could possibly use this issue to
    cause GD Graphics Library to crash, resulting in a denial of
    service. (CVE-2018-14553)

    It was discovered that GD Graphics Library incorrectly handled
    loading images from X bitmap format files. An attacker could
    possibly use this issue to cause GD Graphics Library to crash,
    resulting in a denial of service, or to disclose contents of the
    stack that has been left there by previous code. This issue only
    affected Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2019-11038)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    libgd-tools - 2.2.5-5.2ubuntu0.19.10.1
    libgd3 - 2.2.5-5.2ubuntu0.19.10.1

    Ubuntu 18.04 LTS
    libgd-tools - 2.2.5-4ubuntu0.4
    libgd3 - 2.2.5-4ubuntu0.4

    Ubuntu 16.04 LTS
    libgd-tools - 2.1.1-4ubuntu0.16.04.12
    libgd3 - 2.1.1-4ubuntu0.16.04.12

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2018-14553
    * CVE-2019-11038

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)