Vulnerabilities eliminated in libgd Graphics Library
In addition to several functional fixes, Version 2.0.35 of the LibGD open source graphics library eliminates some security vulnerabilities. The library is utilised, among other things, in PHP and Perl applications from many websites. Crafted PNG images can be used to cause DoS attacks: a referral application on libgd gets caught up in an infinite loop. An error in the function gdImageCreateXbm causes the application to crash. In addition, in the function dImageCreateTrueColor it is possible to cause an integer-related buffer overflow. It is not known whether it also allows code to be injected and executed on a system. Several unspecified vulnerabilities have also been fixed in the library's GIF reader.
Some Linux distributors have provided recently updated packets for libgd2. However, they do not fix all the problems listed in the official error report. Ubuntu and Mandriva have only been able to eliminate the PNG DoS vulnerability. In its error report, Ubuntu also specifies another vulnerability in gdImageStringFTEx, which has actually been known for at least four months since LibGD 2.0.33.
- release note 020035, advisory on libgd.org
- libgd2 vulnerabilities, error report from Ubuntu
- updated gd packages fix vulnerability, error report from Mandriva
(mba)