========================================================================== Ubuntu Security Notice USN-3389-1 August 14, 2017
libgd2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: The system could be made to expose sensitive information. Software Description: - libgd2: GD Graphics Library Details: A vulnerability was descovered in GD Graphics Library (aka libgd), as used in PHP before that does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read bytes from the top of the stack. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: libgd-tools 2.2.4-2ubuntu0.2 Ubuntu 16.04 LTS: libgd-tools 2.1.1-4ubuntu0.16.04.7 Ubuntu 14.04 LTS: libgd-tools 2.1.0-3ubuntu0.7 In general, a standard system update will make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3389-1 CVE-2017-7890 Package Information: https://launchpad.net/ubuntu/+source/libgd2/2.2.4-2ubuntu0.2 https://launchpad.net/ubuntu/+source/libgd2/2.1.1-4ubuntu0.16.04.7 https://launchpad.net/ubuntu/+source/libgd2/2.1.0-3ubuntu0.7
signature.asc
Description: This is a digitally signed message part
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
