Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-557-1: GD library vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-557-1: GD library vulnerability
# 1  
Old 12-24-2007
USN-557-1: GD library vulnerability
Referenced CVEs:
CVE-2007-3996


Description:
=========================================================== Ubuntu Security Notice USN-557-1 December 18, 2007libgd2 vulnerabilityCVE-2007-3996===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 6.10Ubuntu 7.04Ubuntu 7.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libgd2-noxpm 2.0.33-2ubuntu5.3 libgd2-xpm 2.0.33-2ubuntu5.3Ubuntu 6.10: libgd2-noxpm 2.0.33-4ubuntu2.2 libgd2-xpm 2.0.33-4ubuntu2.2Ubuntu 7.04: libgd2-noxpm 2.0.34~rc1-2ubuntu1.2 libgd2-xpm 2.0.34~rc1-2ubuntu1.2Ubuntu 7.10: libgd2-noxpm 2.0.34-1ubuntu1.1 libgd2-xpm 2.0.34-1ubuntu1.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:Mattias Bengtsson and Philip Olausson discovered that the GDlibrary did not properly perform bounds checking when creatingimages. An attacker could send specially crafted input toapplications linked against libgd2 and cause a denial of serviceor possibly execute arbitrary code.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT OSX

openpam_free_data

OPENPAM_FREE_DATA(3)					   BSD Library Functions Manual 				      OPENPAM_FREE_DATA(3)

NAME

     openpam_free_data -- generic cleanup function

LIBRARY

     Pluggable Authentication Module Library (libpam, -lpam)

SYNOPSIS

     #include <sys/types.h>
     #include <security/pam_appl.h>
     #include <security/openpam.h>

     void
     openpam_free_data(pam_handle_t *pamh, void *data, int status);

DESCRIPTION

     The openpam_free_data function is a cleanup function suitable for passing to pam_set_data(3).  It simply releases the data by passing its
     data argument to free(3).

SEE ALSO

     free(3), pam(3), pam_set_data(3)

STANDARDS

     The openpam_free_data function is an OpenPAM extension.

AUTHORS

     The openpam_free_data function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laborato-
     ries, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the
     DARPA CHATS research program.

BSD
								 December 21, 2007							       BSD