Hi,
this security bug (CAN-2004-0990) against libgd2 in woody seems to be
fixed:
libgd2 (2.0.1-10woody2) stable-security; urgency=high
* Non-maintainer upload by the Security Team
* Added overflow and failed malloc protections to prevend buffer
overflows that could lead to arbitrary code execution [gd.c, wbmp.c,
gd_gd.c, gd_io_dp.c, gdxpm.c, CAN-2004-0941, CAN-2004-0990]
* Added missing free() [gd_png.c]
* Added nother integer overflow precaution by Stew Benedict
<[EMAIL PROTECTED]> [gd_png.c]
-- Martin Schulze <[EMAIL PROTECTED]> Tue, 16 Nov 2004 11:39:46 +0100
AFAICT, the bug report should be closed. I'll leave that for somebody
else to verify, though. Apologies if I'm missing something.
Cheers,
--
Niko Tyni [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
