-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libgd2 Version : 2.0.36~rc1~dfsg-6.1+deb7u10 CVE ID : CVE-2017-6362
A double-free vulnerability was discovered in the gdImagePngPtr() function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a specially crafted file is processed. For Debian 7 "Wheezy", these problems have been fixed in version 2.0.36~rc1~dfsg-6.1+deb7u10. We recommend that you upgrade your libgd2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlnFOaoACgkQnUbEiOQ2 gwIRjA//eq8NJlb7k37ZdvANbkLxYmxE1UjEr0qcWSJfdzNfYddZDlWRUGOp82G6 8J+/mFaFcflUPBbGSbbbjTUUR+1M5MV14SV58D81I9NT0Scdo2tLjTwpnevbCrhp XyqtnPsd2sbMNl5zsO5a7cZSuw2JilXkG8SHahCc0LY0/OleiqmmLunGBsnwG9Jc KXWqdS8J1PjRSXiXZqbJQEy15jd32WOSwCzSTl3JvZmvA9hv1GqFUyvJ4KmfZH9M 6g8Aj810M+FY2IM1TrefdEliGc7RKkWJTtB+chxg19ZBPlo5fceU2XpqqJDZc9Co ADzPbJrwaENk3a1M2rpA4VylJm1kZuDY97OqCMe+NSRk5HrB9MDgI0WNFaQhKAJl FIhWAyeG4nFY/v5WQM3nhgp9aQ09Y5xlaOCBFMTbEyke6yVUZGUcylGZ4FU2e95X iKZaba9KS9Vt4YF1MBVrP2hixmIzIyavACTfYvN18TK6EWDAoU1OBoLzfPGxfGac 9ln0vXTIIOrCaDMu7sahcoULWGNH6/ZSIeaE8ADrhaWu6hvGEwQgHXzGyBFkho42 Ntex8zGKQWRGCUnXJNMg9pzK+P20ZNt4v+rNnWHhYHNWOTlfI7pnzw6rool+2/N5 VuiW9gdGShNFNLrGWw/E+vb9H28ZWs831yxWPVeICKS8r72dfxU= =mA3t -----END PGP SIGNATURE-----
