Looks like that issue is already fixed: libgd2 (2.2.5-2) unstable; urgency=medium
* Fix OOB read due to crafted GD/GD2 images * Disable gdimagecopyresampled/bug00201 that makes some platforms to FTBFS -- Ondřej Surý <[email protected]> Mon, 04 Sep 2017 09:43:31 +0200 libgd2 (2.2.5-1) unstable; urgency=high * New upstream version 2.2.5 + [CVE-2017-6362]: Double-free in gdImagePngPtr(). + [CVE-2017-7890]: Buffer over-read into uninitialized memory. * Update d/watch for the github releases * Refresh patches for the 2.2.5 release -- Ondřej Surý <[email protected]> Wed, 30 Aug 2017 14:21:43 +0200 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-6362 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7890 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1717016 Title: FTBFS in Artful To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libgd2/+bug/1717016/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
