Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 607718 (CVE-2016-10166, CVE-2016-10167, CVE-2016-10168, CVE-2016-6912, CVE-2016-9317)

Summary: <media-libs/gd-2.2.4: multiple vulnerabilities
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: graphics+disabled, vapier
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://seclists.org/oss-sec/2017/q1/218
Whiteboard: B3 [noglsa cve]
Package list:
=media-libs/gd-2.2.4
 Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 595540    

Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-30 13:35:36 UTC 
libgd fixed some issues in the git repositories:

1/ Fix potential unsigned underflow
Commit: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35

2/ Fix DOS vulnerability in gdImageCreateFromGd2Ctx()
Commit: https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f

3/ Fix #354: Signed Integer Overflow gd_io.c
Commit: https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6
Issue: https://github.com/libgd/libgd/issues/354
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2017-01-30 13:43:58 UTC 
CVE-2016-9317 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9317):
  The gdImageCreate function in the GD Graphics Library (aka libgd) before
  2.2.4 allows remote attackers to cause a denial of service (system hang) via
  an oversized image.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-01-30 13:47:05 UTC 
CVE-2016-6912 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6912):
  Double free vulnerability in the gdImageWebPtr function in the GD Graphics
  Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified
  impact via large width and height values.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-01-30 13:47:22 UTC 
CVE-2016-6912 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6912):
  Double free vulnerability in the gdImageWebPtr function in the GD Graphics
  Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified
  impact via large width and height values.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-30 13:49:00 UTC 
All reported vulnerabilities are fixed in v2.2.4.


@ Maintainer(s): Please bump to >=media-libs/gd-2.2.4!
Comment 5 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2017-01-30 22:05:57 UTC 
commit 042f9437ac162678af09cec7b4a1c83b5f84dd96
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Mon Jan 30 23:04:34 2017

    media-libs/gd: Security bump to version 2.2.4 (bug #607718).

    Package-Manager: Portage-2.3.3, Repoman-2.3.1


FYI, two more tests fail in version 2.2.4 (5) compared to 2.2.3 (3).
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-31 23:35:42 UTC 
Test failures due to newer freetype version. Nothing critical, see https://github.com/libgd/libgd/commit/a5570d3ed30ff76c2a8bdd54f4ab1825acca0143


@ Arches,

please test and mark stable: =media-libs/gd-2.2.4
Comment 7 Jeroen Roovers (RETIRED) gentoo-dev 2017-02-01 22:29:50 UTC 
Stable for PPC64.
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2017-02-01 22:34:34 UTC 
Stable for HPPA.
Comment 9 Agostino Sarubbo gentoo-dev 2017-02-04 15:23:10 UTC 
amd64 stable
Comment 10 Agostino Sarubbo gentoo-dev 2017-02-12 15:46:29 UTC 
x86 stable
Comment 11 Agostino Sarubbo gentoo-dev 2017-02-12 17:03:03 UTC 
ppc stable
Comment 12 Markus Meier gentoo-dev 2017-02-12 20:11:19 UTC 
arm stable
Comment 13 Agostino Sarubbo gentoo-dev 2017-02-17 10:59:36 UTC 
sparc stable
Comment 14 Agostino Sarubbo gentoo-dev 2017-02-18 14:47:02 UTC 
ia64 stable
Comment 15 Tobias Klausmann (RETIRED) gentoo-dev 2017-02-21 11:55:46 UTC 
Stable on alpha.
Comment 16 Thomas Deutschmann (RETIRED) gentoo-dev 2017-02-21 18:43:37 UTC 
GLSA Vote: No

@ Maintainer(s): Please cleanup and drop =media-libs/gd-2.2.3!
Comment 17 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2017-03-13 12:56:28 UTC 
commit 8a80444cd043c2ecde4b58f24e977dc7c4077aac
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Mon Mar 13 13:55:51 2017

    media-libs/gd: Security cleanup (bug #607718).

    Package-Manager: Portage-2.3.4, Repoman-2.3.2
Comment 18 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-17 20:54:29 UTC 
Repository is clean, all done.