Contol: tags -1 + patch On Mon, Jan 28, 2019 at 04:50:27PM +0100, Salvatore Bonaccorso wrote: > Source: libgd2 > Version: 2.2.5-5 > Severity: grave > Tags: security upstream > Justification: user security hole > Forwarded: https://github.com/libgd/libgd/issues/492 > > Hi, > > The following vulnerability was published for libgd2. > > CVE-2019-6978[0]: > | The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the > | gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. > | NOTE: PHP is unaffected.
Pending in git as https://salsa.debian.org/debian/libgd2/commit/c2add7d943a34b5e91428cb6b8b94d1fe049640e Regards, Salvatore