Advisories ยป MGASA-2014-0288

Updated gd and libgd packages fix security vulnerability

Publication date: 08 Jul 2014
Modification date: 08 Jul 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-2497

Description

The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows
remote attackers to cause a denial of service (NULL pointer dereference and
application crash) via a crafted color table in an XPM file (CVE-2014-2497).
                

References

SRPMS

3/core

4/core