Advisories ยป MGASA-2016-0258

Updated libgd packages fix security vulnerability

Publication date: 26 Jul 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-6132 , CVE-2016-6207 , CVE-2016-6214


Updated libgd packages fix security vulnerabilities:

A read out-of-bounds was found in the parsing of TGA files when the header
reports an incorrect size (CVE-2016-6132) or invalid bpp (CVE-2016-6214) or
RLE value (upstream issue 248).

Integer overflow error within _gdContributionsAlloc() (CVE-2016-6207).

A regression in the previous update that caused some packages to fail to
build against libgd has also been fixed (mga#18947).