Mandriva Linux Security Advisory : libgd (MDVSA-2015:153)
Medium Nessus Plugin ID 82406
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated libgd packages fix security vulnerabilities :
The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file (CVE-2014-2497).
A buffer read overflow in gd_gif_in.c in the php#68601 bug referenced in the PHP 5.5.21 ChangeLog has been fixed in the libgd package.
SolutionUpdate the affected packages.