Source: libgd2
Version: 2.2.5-5.2
Severity: important
Tags: security upstream
Control: found -1 2.2.4-2+deb9u5
Control: found -1 2.2.4-2


The following vulnerability was published for libgd2.

| gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL
| pointer dereference allowing attackers to crash an application via a
| specific function call sequence. Only affects PHP when linked with an
| external libgd (not bundled).

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:


Please adjust the affected versions in the BTS as needed.


Reply via email to