Revision Date: | 2006-02-01 | Version: | 637 |
Title: | RHSA-2006:0194: gd security update (Moderate) |
Description: | The gd package contains a graphics library used for the dynamic creation of images such as PNG and JPEG.
Several buffer overflow flaws were found in the way gd allocates memory. An attacker could create a carefully crafted image that could execute arbitrary code if opened by a victim using a program linked against the gd library. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2004-0941 to these issues.
Users of gd should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | CVE-2004-0941 RHSA-2006:0194 RHSA-2006:0194-01 RHSA-2006:0194-01
|
Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
Definition Synopsis |
Red Hat Enterprise Linux must be installed OR Package Information
Red Hat Enterprise Linux 4 is installed
AND
gd is earlier than 0:2.0.28-4.4E.1
AND gd is signed with Red Hat redhatrelease2 key
gd-devel is earlier than 0:2.0.28-4.4E.1
AND gd-devel is signed with Red Hat redhatrelease2 key
gd-progs is earlier than 0:2.0.28-4.4E.1
AND gd-progs is signed with Red Hat redhatrelease2 key
|