{"id":"MGASA-2016-0242","summary":"Updated libgd packages fix security vulnerability","details":"Stack overflow with imagefilltoborder (CVE-2015-8874).\n\nInteger Overflow in _gd2GetHeader() resulting in heap overflow\n(CVE-2016-5766).\n\nInteger Overflow in gdImagePaletteToTrueColor() resulting in heap overflow\n(CVE-2016-5767).\n\nImproperly handling invalid color index in gdImageCropThreshold() could\nresult in denial of service (CVE-2016-6128).\n","modified":"2026-04-16T06:23:01.284889389Z","published":"2016-07-05T15:47:08Z","upstream":["CVE-2015-8874","CVE-2016-5766","CVE-2016-5767","CVE-2016-6128"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0242.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18805"},{"type":"WEB","url":"https://github.com/libgd/libgd/releases/tag/gd-2.2.2"},{"type":"WEB","url":"http://php.net/ChangeLog-5.php#5.6.23"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2016/06/30/1"}],"affected":[{"package":{"name":"libgd","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libgd?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.2-1.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0242.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}