Security update for gd (important)

2016-11-10T17:21:29
ID OPENSUSE-SU-2016:2772-1
Type suse
Reporter Suse
Modified 2016-11-10T17:21:29

Description

This update for gd fixes the following security issues:

  • CVE-2016-7568: A specially crafted image file could cause an application crash or potentially execute arbitrary code when the image is converted to webp (bsc#1001900)
  • CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf (bsc#1004924)
  • CVE-2016-6911: Check for out-of-bound read in dynamicGetbuf() (bsc#1005274)

This update was imported from the SUSE:SLE-12:Update update project.