Updated gd and libgd packages fix security vulnerability
Publication date: 08 Jul 2014Modification date: 08 Jul 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-2497
Description
The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file (CVE-2014-2497).
References
SRPMS
3/core
- gd-2.0.35-20.1.mga3
4/core
- libgd-2.1.0-3.1.mga4