From ${URL} : Possible buffer read overflow was fixed upstream [1]. This was also reported against PHP: https://bugs.php.net/bug.php?id=68601 (bug is private, fixed in PHP 5.6.5) [1]: https://bitbucket.org/libgd/gd-libgd/commits/47eb44b2e90ca88a08dca9f9a1aa9041e9587f43 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
gd-2.1.1 is in the tree now, but will want to give it time to bake
fine to stabilize 2.1.1-r1
amd64 : ok (builds) Couldn`t test functionality.
amd64 stable
x86 stable
Stable for HPPA PPC64.
ppc stable
sparc stable
arm stable
alpha stable
ia64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Arches and Maintainer(s), Thank you for your work. New GLSA Request filed. Also probably does not matter since in bug 571690 a newer version is stabilized, but arm was never marked as stable for this version in tree. Maintainer(s), please drop the vulnerable version(s).
old versions removed. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13f429c8a0b8dd1d56e98c84108a20b5b5db9d6f
Arches and Maintainer(s), Thank you for your work.
This issue was resolved and addressed in GLSA 201607-04 at https://security.gentoo.org/glsa/201607-04 by GLSA coordinator Aaron Bauman (b-man).