Oval Definition:oval:com.redhat.rhsa:def:20100003
Revision Date:2010-01-04Version:636
Title:RHSA-2010:0003: gd security update (Moderate)
Description:The gd packages provide a graphics library used for the dynamic creation of images, such as PNG and JPEG.

  • A missing input sanitization flaw, leading to a buffer overflow, was discovered in the gd library. A specially-crafted GD image file could cause an application using the gd library to crash or, possibly, execute arbitrary code when opened. (CVE-2009-3546)

    Users of gd should upgrade to these updated packages, which contain a backported patch to resolve this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2009-3546
    RHSA-2010:0003
    RHSA-2010:0003-01
    RHSA-2010:0003-01
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • gd is earlier than 0:2.0.28-5.4E.el4_8.1
  • AND gd is signed with Red Hat redhatrelease2 key
  • gd-devel is earlier than 0:2.0.28-5.4E.el4_8.1
  • AND gd-devel is signed with Red Hat redhatrelease2 key
  • gd-progs is earlier than 0:2.0.28-5.4E.el4_8.1
  • AND gd-progs is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • gd is earlier than 0:2.0.33-9.4.el5_4.2
  • AND gd is signed with Red Hat redhatrelease2 key
  • gd-devel is earlier than 0:2.0.33-9.4.el5_4.2
  • AND gd-devel is signed with Red Hat redhatrelease2 key
  • gd-progs is earlier than 0:2.0.33-9.4.el5_4.2
  • AND gd-progs is signed with Red Hat redhatrelease2 key
    • BACK