gd-2.3.3-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10777 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z gd-2.3.3-1.1 on GA media These are all security issues fixed in the gd-2.3.3-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10777 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10777 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2007-2756/ SUSE CVE CVE-2007-2756 page https://www.suse.com/security/cve/CVE-2016-10166/ SUSE CVE CVE-2016-10166 page https://www.suse.com/security/cve/CVE-2016-10167/ SUSE CVE CVE-2016-10167 page https://www.suse.com/security/cve/CVE-2016-10168/ SUSE CVE CVE-2016-10168 page https://www.suse.com/security/cve/CVE-2016-6912/ SUSE CVE CVE-2016-6912 page https://www.suse.com/security/cve/CVE-2016-9317/ SUSE CVE CVE-2016-9317 page https://www.suse.com/security/cve/CVE-2017-6362/ SUSE CVE CVE-2017-6362 page https://www.suse.com/security/cve/CVE-2017-7890/ SUSE CVE CVE-2017-7890 page https://www.suse.com/security/cve/CVE-2018-1000222/ SUSE CVE CVE-2018-1000222 page https://www.suse.com/security/cve/CVE-2018-14553/ SUSE CVE CVE-2018-14553 page https://www.suse.com/security/cve/CVE-2018-5711/ SUSE CVE CVE-2018-5711 page https://www.suse.com/security/cve/CVE-2019-11038/ SUSE CVE CVE-2019-11038 page https://www.suse.com/security/cve/CVE-2019-6977/ SUSE CVE CVE-2019-6977 page https://www.suse.com/security/cve/CVE-2019-6978/ SUSE CVE CVE-2019-6978 page openSUSE Tumbleweed gd-2.3.3-1.1 gd-devel-2.3.3-1.1 gd-devel-32bit-2.3.3-1.1 libgd3-2.3.3-1.1 libgd3-32bit-2.3.3-1.1 gd-2.3.3-1.1 as a component of openSUSE Tumbleweed gd-devel-2.3.3-1.1 as a component of openSUSE Tumbleweed gd-devel-32bit-2.3.3-1.1 as a component of openSUSE Tumbleweed libgd3-2.3.3-1.1 as a component of openSUSE Tumbleweed libgd3-32bit-2.3.3-1.1 as a component of openSUSE Tumbleweed The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. CVE-2007-2756 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2007-2756.html CVE-2007-2756 https://bugzilla.suse.com/276525 SUSE Bug 276525 https://bugzilla.suse.com/282730 SUSE Bug 282730 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. CVE-2016-10166 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-10166.html CVE-2016-10166 https://bugzilla.suse.com/1022069 SUSE Bug 1022069 https://bugzilla.suse.com/1022263 SUSE Bug 1022263 The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. CVE-2016-10167 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-10167.html CVE-2016-10167 https://bugzilla.suse.com/1022069 SUSE Bug 1022069 https://bugzilla.suse.com/1022264 SUSE Bug 1022264 Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. CVE-2016-10168 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-10168.html CVE-2016-10168 https://bugzilla.suse.com/1022069 SUSE Bug 1022069 https://bugzilla.suse.com/1022265 SUSE Bug 1022265 Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values. CVE-2016-6912 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-6912.html CVE-2016-6912 https://bugzilla.suse.com/1022284 SUSE Bug 1022284 The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. CVE-2016-9317 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-9317.html CVE-2016-9317 https://bugzilla.suse.com/1022283 SUSE Bug 1022283 Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. CVE-2017-6362 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-6362.html CVE-2017-6362 https://bugzilla.suse.com/1056993 SUSE Bug 1056993 The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information. CVE-2017-7890 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-7890.html CVE-2017-7890 https://bugzilla.suse.com/1050241 SUSE Bug 1050241 Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerability appears to have been fixed in after commit ac16bdf2d41724b5a65255d4c28fb0ec46bc42f5. CVE-2018-1000222 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-1000222.html CVE-2018-1000222 https://bugzilla.suse.com/1105434 SUSE Bug 1105434 gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled). CVE-2018-14553 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-14553.html CVE-2018-14553 https://bugzilla.suse.com/1165471 SUSE Bug 1165471 gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx. CVE-2018-5711 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5711.html CVE-2018-5711 https://bugzilla.suse.com/1076391 SUSE Bug 1076391 When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. CVE-2019-11038 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-11038.html CVE-2019-11038 https://bugzilla.suse.com/1140118 SUSE Bug 1140118 https://bugzilla.suse.com/1140120 SUSE Bug 1140120 gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data. CVE-2019-6977 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-6977.html CVE-2019-6977 https://bugzilla.suse.com/1123354 SUSE Bug 1123354 https://bugzilla.suse.com/1123361 SUSE Bug 1123361 The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected. CVE-2019-6978 openSUSE Tumbleweed:gd-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-2.3.3-1.1 openSUSE Tumbleweed:gd-devel-32bit-2.3.3-1.1 openSUSE Tumbleweed:libgd3-2.3.3-1.1 openSUSE Tumbleweed:libgd3-32bit-2.3.3-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-6978.html CVE-2019-6978 https://bugzilla.suse.com/1123522 SUSE Bug 1123522