CESA-2010:0003 -- centos 5 x86_64 gd
ID: oval:org.secpod.oval:def:201766 | Date: (C)2012-01-31 (M)2024-02-19 | Class: PATCH | Family: unix
The gd packages provide a graphics library used for the dynamic creation of images, such as PNG and JPEG. A missing input sanitization flaw, leading to a buffer overflow, was discovered in the gd library. A specially-crafted GD image file could cause an application using the gd library to crash or, possibly, execute arbitrary code when opened. Users of gd should upgrade to these updated packages, which contain a backported patch to resolve this issue.