SUSE-SU-2020:0623-1

UNKNOWN

Security update for gd

Published Mar 9, 2020

Modified 5 years ago

Fix available

Details

This update for gd fixes the following issues:

CVE-2017-7890: Fixed a buffer over-read into uninitialized memory (bsc#1050241).
CVE-2018-14553: Fixed a null pointer dereference in gdImageClone() (bsc#1165471).
CVE-2019-11038: Fixed a information disclosure in gdImageCreateFromXbm() (bsc#1140120).

Affected Packages

SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Server 12 SP4SUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.1.0-24.17.1

gd-32bit

SUSE Linux Enterprise Desktop 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP4SUSE Linux Enterprise Workstation Extension 12 SP5

Fixed in:

2.1.0-24.17.1

gd-devel

SUSE Linux Enterprise Software Development Kit 12 SP4SUSE Linux Enterprise Software Development Kit 12 SP5

Fixed in:

2.1.0-24.17.1

References

REPORT