Source: libgd2 Version: 2.0.36~rc1~dfsg-3 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for libgd2.
CVE-2009-3546[0]: | The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the | GD Graphics Library 2.x, does not properly verify a certain | colorsTotal structure member, which might allow remote attackers to | conduct buffer overflow or buffer over-read attacks via a crafted GD | file, a different vulnerability than CVE-2009-3293. NOTE: some of | these details are obtained from third party information. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546 http://security-tracker.debian.org/tracker/CVE-2009-3546 Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
