oss-sec mailing list archives

CVE Request: libgd: global out of bounds read when encoding gif from malformed input with gd2togif

From: Salvatore Bonaccorso <carnil () debian org>
Date: Tue, 5 Jul 2016 20:25:22 +0200

Hi

The following (older) issue in libgd's issue tracker can be found,
with possible security impact for applications using the libgd
library. If I see it correctly this is not an issue in the gd2togif
utility but in the library. It was reported upstream as:

https://github.com/libgd/libgd/issues/209

with the fix

https://github.com/libgd/libgd/commit/82b80dcb70a7ca8986125ff412bceddafc896842 (gd-2.2.0)

Could you assign a CVE for this issue?

Regards,
Salvatore

Current thread:

CVE Request: libgd: global out of bounds read when encoding gif from malformed input with gd2togif Salvatore Bonaccorso (Jul 05)
- Re: CVE Request: libgd: global out of bounds read when encoding gif from malformed input with gd2togif cve-assign (Jul 05)