oss-sec mailing list archives
CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c
From: Salvatore Bonaccorso <carnil () debian org>
Date: Thu, 26 Jan 2017 13:31:55 +0100
Hi [I'm collecting the request in one mail, although maybe I should have splitted up, apologies for that]. libgd fixed some issues in the git repositories, for which the following three does not seem to have CVE ids: 1/ Fix potential unsigned underflow Commit: https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35 2/ Fix DOS vulnerability in gdImageCreateFromGd2Ctx() Commit: https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f 3/ Fix #354: Signed Integer Overflow gd_io.c Commit: https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6 Issue: https://github.com/libgd/libgd/issues/354 Could you please assign CVE id's for those? Regards, Salvatore
Current thread:
- CVE Requests: libgd: potential unsigned onderflow, denial-of-service in gdImageCreateFromGd2Ctx and signed overflow in gd_io.c Salvatore Bonaccorso (Jan 26)