gd-2.2.5-7.el8
Errata ID: AXSA:2020-1002:01
GD is an open source code library for the dynamic creation of images by programmers. GD creates PNG, JPEG, GIF, WebP, XPM, BMP images, among other formats.
Security Fix(es):
* gd: Heap-based buffer overflow in gdImageColorMatch() in gd_color_match.c (CVE-2019-6977)
* gd: NULL pointer dereference in gdImageClone (CVE-2018-14553)
* gd: Double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c (CVE-2019-6978)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-14553
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
CVE-2019-6977
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
CVE-2019-6978
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
Update packages.
SRPMS
- gd-2.2.5-7.el8.src.rpm
MD5: db5f54584d31c95656c9ceb9efe294a3
SHA-256: 56da5747052cb5edaf795628ee274b327cc3b3a217d339bb1034543b513e051e
Size: 2.50 MB
Asianux Server 8 for x86_64
- gd-2.2.5-7.el8.x86_64.rpm
MD5: e1ca98c4f154dac025a9336eaa1c9e2c
SHA-256: fe0c1ef961f2bfde47e62f5e0e200b3375e57b5c3b9bd391279692bd14f5ea1b
Size: 142.75 kB
- gd-devel-2.2.5-7.el8.x86_64.rpm
MD5: f177418c2931e88a9609f008390ecfca
SHA-256: 3efb98a0bfe3b4ae1c41baeb9baaddc17ff424f326d98ffb1b70c5668286ead8
Size: 49.39 kB
- gd-2.2.5-7.el8.i686.rpm
MD5: 7c6590e5811742b171e80e138f574aa9
SHA-256: c4371dd6ac9ab0c325afbfd1f9388c9e7655124b2110bd2eb2930ca1e2babf39
Size: 150.75 kB
- gd-devel-2.2.5-7.el8.i686.rpm
MD5: 8f6aa9e19872b64056374addfee85a92
SHA-256: 61ace11c5470d01d221d8ee78c8ecc4ceeae524087923349ca4a46f528352e30
Size: 49.41 kB