-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libgd2 Version : 2.0.36~rc1~dfsg-6.1+deb7u11 CVE ID : CVE-2018-5711 Debian Bug : #887485
It was discovered that there was a denial-of-service attack in the libgd2 image library. A corrupt file could have exploited a signedness confusion leading to an infinite loop. For Debian 7 "Wheezy", this issue has been fixed in libgd2 version 2.0.36~rc1~dfsg-6.1+deb7u11. We recommend that you upgrade your libgd2 packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlphetUACgkQHpU+J9Qx HliQqg//TeLcibcTYaUH1dUG529seIQ9ZiP8Cuer5ARzDomRBvVV2ptuDSTD4QVb 0vehZvyOJRv1JuhZv7XQ7zV8zesU2lkIHly0P1W029zJjZbIQGI+rc36u6zIgf7i XLWWPXsbX9CaKOpeYAgAXPxD5k+mvVYCm2piAuEQc2vFHKbimyuv500S2aLeyfyZ gxU79Fjm2HVm3i6RqkKoQ9pmVXAT6TrA0Q08nJ6OuI9tWvYQicQBUote4oJX3hWL XPHiGysq4aM6eGLlV3mYS7qyWhKk779de+rd6OVuXDapT2Hm6F4riN4ePDhSHJJ+ Le3bUi4HyxNnTYAMimHYN1zJs/5B6Z9gNqVCPsl8QQb9tAPli4/+HyAJJq0DDej3 oz6KvQrNoI6VVyAYsctxnIvnyU/Jr//1hYaDdkbX+2GLWaMRZ1VsWqBdSLxiVG8S 4rALd6CSUNezSVykCUuoGw7zxO3t4IDEwsoM9QDUAA/Qe3iv2bjA5trbpmI9OZ/W HZMUwLnSq4Cr6OHmL6n+2Sx7grsSHim817n5QvawuVwnDwUjVFKz48bu300P4t4b OEOFZNegWLKZwievCBBkLfu2gcVp6U4eJW/MDVhq72EzqSTVjvZuOGqaGrAlpADy dzblvDqU/xf1cGsAsSUJu6+Pb+b4iVMHz/g9vIwVXnj3gK5XwpU= =OkED -----END PGP SIGNATURE-----