========================================================================== Ubuntu Security Notice USN-3389-2 August 14, 2017
libgd2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: The system could be made to expose sensitive information. Software Description: - libgd2: GD Graphics Library Details: USN-3389-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: A vulnerability was discovered in GD Graphics Library (aka libgd), as used in PHP that does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read bytes from the top of the stack. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: libgd-tools 2.0.36~rc1~dfsg-6ubuntu2.5 In general, a standard system update will make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3389-2 https://www.ubuntu.com/usn/usn-3389-1 CVE-2017-7890
signature.asc
Description: This is a digitally signed message part
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
