Oval Definition:oval:com.redhat.rhsa:def:20060194
Revision Date:2006-02-01Version:637
Title:RHSA-2006:0194: gd security update (Moderate)
Description:The gd package contains a graphics library used for the dynamic creation of images such as PNG and JPEG.

Several buffer overflow flaws were found in the way gd allocates memory. An attacker could create a carefully crafted image that could execute arbitrary code if opened by a victim using a program linked against the gd library. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2004-0941 to these issues.

Users of gd should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.
Family:unixClass:patch
Status:Reference(s):CVE-2004-0941
RHSA-2006:0194
RHSA-2006:0194-01
RHSA-2006:0194-01
Platform(s):Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • gd is earlier than 0:2.0.28-4.4E.1
  • AND gd is signed with Red Hat redhatrelease2 key
  • gd-devel is earlier than 0:2.0.28-4.4E.1
  • AND gd-devel is signed with Red Hat redhatrelease2 key
  • gd-progs is earlier than 0:2.0.28-4.4E.1
  • AND gd-progs is signed with Red Hat redhatrelease2 key
    • BACK