MDKSA-2007:035
- Package name
- gd
- Date
- 2007-02-06
- Advisory ID
- MDKSA-2007:035
- Affected versions
- CS4.0 x86_64 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64
Problem description
Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD
Graphics Library 2.0.33 and earlier allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted string with a JIS encoded font.
Packages have been patched to correct this issue.
Updated packages
CS4.0 x86_64
572ae62589b39a2bf9d4dd5b7c34e827 corporate/4.0/x86_64/gd-utils-2.0.33-3.2.20060mlcs4.x86_64.rpm ca43f6e9a811f49cf442b73c845c8d64 corporate/4.0/x86_64/lib64gd2-2.0.33-3.2.20060mlcs4.x86_64.rpm 8111cbbe7d7fc966fdb8f3c310cf6653 corporate/4.0/x86_64/lib64gd2-devel-2.0.33-3.2.20060mlcs4.x86_64.rpm 32e355162f4e68f339cf98f1c1baf53d corporate/4.0/x86_64/lib64gd2-static-devel-2.0.33-3.2.20060mlcs4.x86_64.rpm 91e6169527be92d0a4e1ef4a62bc4dd4 corporate/4.0/SRPMS/gd-2.0.33-3.2.20060mlcs4.src.rpm
2006.0 i586
bb5df1fd9874cb4538bd24ba722849c3 2006.0/i586/gd-utils-2.0.33-3.2.20060mdk.i586.rpm 311dbbc55d0d4d80d47305b397dccdfa 2006.0/i586/libgd2-2.0.33-3.2.20060mdk.i586.rpm 6d9f985a8266df26f4642dd985afd3c8 2006.0/i586/libgd2-devel-2.0.33-3.2.20060mdk.i586.rpm cb18cfd4467243366179b50f60877683 2006.0/i586/libgd2-static-devel-2.0.33-3.2.20060mdk.i586.rpm f4ed9e9a93903a69682da9f898127575 2006.0/SRPMS/gd-2.0.33-3.2.20060mdk.src.rpm
2007.0 x86_64
0442cd89cc1fc63d34afc1d7e05576fa 2007.0/x86_64/gd-utils-2.0.33-5.1mdv2007.0.x86_64.rpm 10cdbd6617bfef0029cafdc7a9650761 2007.0/x86_64/lib64gd2-2.0.33-5.1mdv2007.0.x86_64.rpm 3d02da82cf6e5a9885126709b0318c1a 2007.0/x86_64/lib64gd2-devel-2.0.33-5.1mdv2007.0.x86_64.rpm b696d03707bee9f0c107e88de26f0bf5 2007.0/x86_64/lib64gd2-static-devel-2.0.33-5.1mdv2007.0.x86_64.rpm c9690844ec1145ed47053e1194fe9dc3 2007.0/SRPMS/gd-2.0.33-5.1mdv2007.0.src.rpm
2007.0 i586
efddec174f28af4832a9fb488292a9ab 2007.0/i586/gd-utils-2.0.33-5.1mdv2007.0.i586.rpm 4f97206e59ac7f365c458a825a0548f6 2007.0/i586/libgd2-2.0.33-5.1mdv2007.0.i586.rpm 466025b4339876efbfee2a7466a46fa2 2007.0/i586/libgd2-devel-2.0.33-5.1mdv2007.0.i586.rpm 8a662acf86e0dc6ef7ef6207f8e1ec5d 2007.0/i586/libgd2-static-devel-2.0.33-5.1mdv2007.0.i586.rpm c9690844ec1145ed47053e1194fe9dc3 2007.0/SRPMS/gd-2.0.33-5.1mdv2007.0.src.rpm
CS3.0 x86_64
9786831c164719c081bf7d56c276a157 corporate/3.0/x86_64/gd-utils-2.0.15-4.3.C30mdk.x86_64.rpm 141d9ff878b727046f2484e931f662f7 corporate/3.0/x86_64/lib64gd2-2.0.15-4.3.C30mdk.x86_64.rpm 84823810c9c592e0505862cc5882b131 corporate/3.0/x86_64/lib64gd2-devel-2.0.15-4.3.C30mdk.x86_64.rpm c53cef0bf475c4eeeb59bf4e5c4a11aa corporate/3.0/x86_64/lib64gd2-static-devel-2.0.15-4.3.C30mdk.x86_64.rpm 50b89a63317d23b8712efea59d6fd121 corporate/3.0/SRPMS/gd-2.0.15-4.3.C30mdk.src.rpm
CS4.0 i586
58ca4f9b316790c648400059a73e53cd corporate/4.0/i586/gd-utils-2.0.33-3.2.20060mlcs4.i586.rpm 57f262fc41dc138a2b01b513e7a6977d corporate/4.0/i586/libgd2-2.0.33-3.2.20060mlcs4.i586.rpm dfeb2d6e537bcd39e8c4f4dc3cc97782 corporate/4.0/i586/libgd2-devel-2.0.33-3.2.20060mlcs4.i586.rpm fdd201797572fc130767b6dfa3aaefa5 corporate/4.0/i586/libgd2-static-devel-2.0.33-3.2.20060mlcs4.i586.rpm 91e6169527be92d0a4e1ef4a62bc4dd4 corporate/4.0/SRPMS/gd-2.0.33-3.2.20060mlcs4.src.rpm
CS3.0 i586
47ba42ab82d3d625626a00c65e79effc corporate/3.0/i586/gd-utils-2.0.15-4.3.C30mdk.i586.rpm 02256e730c508cff7acee1204f761512 corporate/3.0/i586/libgd2-2.0.15-4.3.C30mdk.i586.rpm 082545ff3f1596c9ae30d5842442f29e corporate/3.0/i586/libgd2-devel-2.0.15-4.3.C30mdk.i586.rpm 371c86bd9b0eecc7331dfbf72cd0ddd5 corporate/3.0/i586/libgd2-static-devel-2.0.15-4.3.C30mdk.i586.rpm 50b89a63317d23b8712efea59d6fd121 corporate/3.0/SRPMS/gd-2.0.15-4.3.C30mdk.src.rpm
2006.0 x86_64
ffe7cb2190e4d347f82b477b4b90617f 2006.0/x86_64/gd-utils-2.0.33-3.2.20060mdk.x86_64.rpm 92e96a8d5004b396aab5acc4cc853d8e 2006.0/x86_64/lib64gd2-2.0.33-3.2.20060mdk.x86_64.rpm 6a7247cbd5dfd03e51181711404f8dc5 2006.0/x86_64/lib64gd2-devel-2.0.33-3.2.20060mdk.x86_64.rpm cedc398df2eae9a72c4c967b421ceb32 2006.0/x86_64/lib64gd2-static-devel-2.0.33-3.2.20060mdk.x86_64.rpm f4ed9e9a93903a69682da9f898127575 2006.0/SRPMS/gd-2.0.33-3.2.20060mdk.src.rpm